From: InfoSec News (alertsinfosecnews.org)
Date: Wed Jul 15 2009 - 00:28:25 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://joongangdaily.joins.com/article/view.asp?aid=2907437

By Yoo Jee-ho
JoongAng Daily
July 15, 2009

Seoul investigators said lists of files from so-called "zombie"
computers used during the recent cyber attacks have been leaked to
hundreds of outside servers, and that authorities are trying to
determine if actual files were transferred.

While no major hacking attack was reported yesterday, the National
Police Agency’s Cyber Terror Response Center and the Korea Information
Security Agency were busy analyzing 27 zombie computers, or the ones
that had been infected with malicious code without the owners’
knowledge. These computers served as the unwitting sources for the
distributed denial-of-service (DDoS) attacks last week.

Investigators discovered that some lists of the computers’ "Documents
and Settings" and "Program Files" had been sent to outside servers.
Following the DDoS attacks last week, files in about 1,200 zombie
computers were deleted, but no file data appeared to have been leaked.

The investigators said they’ve located 416 such servers in 59 countries,
including 15 servers in South Korea. Police said they’ve blocked access
to those 15 servers and have confiscated 13 of them for further
analysis.

[...]

_______________________________________________
Attend Black Hat USA, July 25-30 in Las Vegas,
the world's premier technical event for ICT security experts.
Network with 4,000+ delegates from 50 nations.
Visit product displays by 30 top sponsors in
a relaxed setting. http://www.blackhat.com

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]