Steve Smith talks about 5 famous botnets and how many of them spammed, controlled, defrauded and even held computers for ransom.
Episode #5-11 released on November 20, 2014
Let's talk about Botnets. A botnet is a collection of interconnected programs communicating together with the help of a command and control center. Botnets are normally created through the use of malware, and hence normally named after them, even though the malware may have multiple sources and command and control centers that are not interconnected themselves. They are normally used to send spam email or participate in distributed denial-of-service attacks.
Today, I'd like to talk about 5 botnets that took over the internet, starting with the original illegal botnet.
The first botnet was created by notorious spammer Khan C. Smith, in 2001 with the explicit purpose of sending out spam, detected by Earthlink in 2001, it was responsible for nearly 25% of all spam.
In 2008, the Mega-D botnet, was detected and was eventually brought down by late 2009, but not before creating a network of 500K infected machines responsible for over 32% of all spam worldwide for that time. Oleg Nikolaenko was the suspected arrested in relation to this botnet.
The Zeus Trojan, another virus with a botnet with a claim to fame related to stealing online credentials such as your bank accounts, email accounts, social networking, and other financial solutions. High level targeting pointed at such sites as Facebook, Yahoo, Amazon, Hi5, Metroflog, Sonico, Netlog, and more. The virus can be remotely manipulated allowing hackers to manipulate how the virus collects information, and could even inject ransomware, such as Cryptolocker. This Trojan, and related botnet was detected in 2010 and is responsible for 3.6 million PC infections in United States alone. In 2013 Hamza Bendelladj was arrested in relation to the virus, and is presumed to be the mastermind behind it.
The Mariposa botnet was discovered in December of 2008, injected into computers through the use of the Butterfly Bot, it was used to collect usernames and passwords to a multitude of web-sites including financial institutions, and at the peak had infected upwards of a million PCs with a total of 12 million unique IP addresses. In December of 2009, the botnet dismantled itself before anyone could really get a look at it, however on February 3, 2010, Florencio Carro Ruiz (alias: Netkairo), was arrested in relation to the botnet, and is told to be both the creator of the virus and botnet, as well as, leader of the DDP.
And, finally, The Kraken Botnet, The world largest botnet in April 2008, infecting 50 of the Fortune 500 companies growing beyond 400K bots, it was estimated to send out over 9 billion spam messages per day, designed to evade and hide from conventional antiviral techniques and software. When Damballa released a guide on how to remove the malware, they discovered a list of compromised IP addresses showing 495K computers were in fact infected with the virus. What do all these botnets have in common? They collected personal information, were used to commit fraud, leverage fear and panic by deploying ransom ware, flooded the internet with spam, with the explicit intent of spreading the viruses far and wide to widen the botnets, and in some cases, were, also, used to DDOS various web-sites in an attempt to bring them down.
This is why we should always scan all files we download and never open attachments in emails. You should always run an antivirus solution, and keep that and your favorite operating system, up to date.
Host : Steve Smith | Music : Jonny Lee Hart | Editor : Steve Smith | Producer : Zed Axis Productions