Slashdot Mirror

← Back to Stories (view on slashdot.org)

CA Warns Of Massive Botnet Attack

Posted by Zonk on from the watch-your-heads dept.

m4dm4n wrote to mention a story running on The Register which describes a coordinated malware attack designed to establish a massive botnet. From the article: "The attack involves three different Trojans - Glieder, Fantibag and Mitglieder - in a co-ordinated assault designed to establish a huge botnet under the control of hackers. Computer Associates reckons that access to the compromised PCs is for sale on a black market, at prices as low as five cents per PC."

4 of 357 comments (clear)

  1. Re:This is interesting... by WhiteWolf666 · · Score: 4, Informative

    I think it would be fine to move to OpenBSD, and keep all your settings on 'paranoid'.

    It does ship *secure* out of the box. No remote exploits.

    Don't open any ports until you get the hang of it.

    Either way, it won't be *more* dangerous than Windows :)

    --
    WhiteWolf666 an exBush supporter. All you new-school,compassionate,save the children Republicans can rot in hell
  2. Re:Wrong career by Hank+Chinaski · · Score: 2, Informative

    Glieder = limbs
    Mitglieder = Members

    --
    IAAL
  3. Re:How does the money change hands? by snorklewacker · · Score: 4, Informative

    Swiss banks are so 20th century. They're expensive to open, and they actually cooperate with Interpol on money laundering.

    Caymans are where it's at.

    --
    I am no longer wasting my time with slashdot
  4. Rent botnets here! $0.05/machine by Animats · · Score: 4, Informative
    You, too, can rent your own botnet. Just visit one of these spammer-run sites.

    SpamForum

    SpecialHam

    And the new WildBiz.

    WildBiz does not require registration; the other two do. Just enter the forums and look under "Proxy Lists". Typical ads:

    • "Hello everybody here...
      First of all Hi to all of my seniorshooters here..
      Having good collection of fresh Proxies and got DM ["Dark Mailer" .. ed] Latest Version (Full Version) at really cheap rate.
      DM Latest version (Full) for $49
      Fresh Proxies $50 for 500 proxies
      dmandproxies@iamdns.com
    • Today's Fresh Proxies
      61.246.226.69:3128@TUNNEL$GOOD$20297$Australia
      81.33.4.70:3128@TUNNEL$GOOD$2953$Spain
      61.246.226.69:3128@TUNNEL$GOOD$20297$Australia
      218.208.247.81:3128@TUNNEL$GOOD$15219$Malaysia
      219.144.194.74:1080@SOCKS4$GOOD$1125$China
      66.154.54.215:80@TUNNEL$GOOD$4157$United States
      66.154.54.224:80@TUNNEL$GOOD$1266$United States
      ...
      We provide Hourly Updated Fresh Proxy Lists, which can be used for bulk mailing ... standard port proxies and non-standard port proxies are both provided, become our members, and download fresh proxy lists hourly. USD 50 per month, then you can access our proxies database . proxies updated from every 15 minutes to 30 minutes . For more infomation, please contact proxylists@iamdns.com

    That's how you market a botnet.

    Yes, these operations are addressed to wannabe spammers. But the fact that they're advertised openly indicates how weak enforcement is.