Dutch police behead Bredolab botnet
Server slaughter
Regcast training : Hyper-V 3.0, VM high availability and disaster recovery
Dutch police and net security organisations have teamed up to dismantle many of the command and control servers associated with the Bredolab botnet.
The Bredolab Trojan, which has spyware components that allow criminals to capture bank login details and other sensitive information from compromised machines, has infected an estimated 30 million computers worldwide since its emergence in July 2009.
Infected machines remain pox-ridden but the command system associated with the cybercrime network has been decapitated, following an operation led by hi-tech police in The Netherlands.
The Dutch Forensic Institute NFI, net security firm Fox-IT and GOVCERT.NL (the Dutch computer emergency response team) assisted in the operation which involved the takedown of 143 servers associated with the botnet. Fox-IT used the botnet itself to alert infected victims that there was a problem with their machines, directing them to a notice here.
The command systems were hired by unidentified cybercrooks from hosting provider LeaseWeb, which co-operated in the dismantling of the botnet.
A statement (in English) by the Dutch National Crime Squad on the takedown operation can be found here. ®
COMMENTS
They've caught the brains behind IT
From Dutch Police: "Op verzoek van het Landelijk Parket is vannacht op het internationale vliegveld van Jerevan een 27-jarige Armeniër aangehouden, die vermoedelijk het brein is achter het beruchte Bredolab netwerk".. Which translates to:
At the request of the Dutch Police, a 27 year-old Armenian, who is presumed to be the brains behind the infamous Bredolab network, was arrested at Yerevan international airport last night.
Or more like, they've arrested the 27 year old fall guy.
lol k
Windows has UAC, that alone hampers alot of basic and skilled malware, it is the end user that blindly clicks accept/ok without ever reading the UAC warning.... the same thing would happen on linux if these people used it. instead of banning windows from networks, how about banning the users from the network until they actually learn to use computers properlly
You are more than likely correct, sir.
More than likely, they wouldn't read it. When I remoted into a computer at a library to fix something on their network, it took me disabling the keyboard and mouse to get the person off the computer. The big message that says "SOMEONE HAS REMOTELY LOGGED INTO THIS MACHINE AND IS CONTROLLING IT" was only closed when it popped up. Similar messages that I sent to pop up on the screen were sometimes read but ignored, like it was some malicious popup from Facebook or something.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Top 10 SIEM implementer’s checklist
Steps to Take Before Choosing a Business Continuity Partner
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
