From: InfoSec News (alertsinfosecnews.org)
Date: Fri May 15 2009 - 04:40:17 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://news.cnet.com/8301-1009_3-10240643-83.html

By Matthew Broersma
Security
CNet News
May 14, 2009

A pirated version of Windows 7 Release Candidate infected with a Trojan
horse has created a botnet with tens of thousands of bots under its
control, according to researchers at security firm Damballa.

The software, which first appeared on April 24, spread as quickly as
several hundred new bots per hour, and controlled roughly 27,000 bots by
the time Damballa took over the network's command and control server on
May 10, the firm said Tuesday.

The pirated software was spread via popular piracy sites and online
forums, Damballa said.

The software is primarily designed to download and install other
malicious packages under a "pay-per-install" scheme, under which the
botmasters are paid based on the number of other pieces of malware they
cause to be installed, Damballa said.

[...]

--
LayerOne 2009, Information Security for the discerning professional.
May 23-24 2009 The Anaheim Marriott in Anaheim, California
Visit http://layerone.info for more information

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]