Interpol unplugs nearly 9,000 Asian command and control networks
WordPress plug-in bug exploited in eight countries
An Interpol investigation has revealed a worrying degree of insecurity in south-east Asian countries, with even government-operated web servers infected to operate as command and control systems for bot-herders.
The investigation turned up and shut down 9,000 C&C servers across “hundreds” of compromised websites in Indonesia, Malaysia, Myanmar, the Philippines, Singapore, Thailand and Vietnam.
Interpol worked with investigators from all the listed countries, with assistance from China, its announcement says. Trend Micro, Kaspersky Lab, Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet and Palo Alto Networks took part in the investigation, Interpol says.
Malware found on the servers included ransomware operations, DDoS operations, and spam distribution, with Trend Micro saying most of the infections resulted from an unnamed WordPress plugin exploit.
The INTERPOL Global Complex for Innovation (IGCI) reckons the operation will help it push back against Asian cybercrime operations.
The attacks spotted by the IGCI operation also uncovered yet another Nigerian scam.
In March, Interpol estimated that “Nigerian princes” have netted US$3 billion in the last three years.