Slashdot Mirror


New Mega-Botnet Discovered

yahoi writes "According to the DarkReading article, 'Researchers have discovered a major botnet operating out of the Ukraine that has infected 1.9 million machines, including large corporate and government PCs mainly in the US. The botnet, which appears to be larger than the infamous Storm botnet was in its heyday, has infected machines from some 77 government-owned domains — 51 of which are in the US government. Researchers from Finjan who found the botnet say it's controlled by six individuals, and includes machines in major banks.'"

7 of 257 comments

  1. no definite article needed by osvenskan · · Score: 5, Informative

    It's just "Ukraine", not "the Ukraine".

  2. Re:Can Help? by dov_0 · · Score: 3, Informative

    So the attackers for the main part have to fall back on social engineering. That's a pretty good advertisement for the software I reckon!

    --
    sudo mount --milk --sugar /cup/tea /mouth /etc/init.d/relax start
  3. Re:Can Help? by dimeglio · · Score: 4, Informative

    Why would a competent sysadmin even design a network hooked to the general internet to begin with if security is an absolute must?

    ... maybe because of Internet banking? Risk, cost or convenience, pick two.

    --
    Views expressed do not necessarily reflect those of the author.
  4. Re:DingDingDing! by jake-in-a-box · · Score: 5, Informative

    The data was not lost from military systems, it was obtained by crackers who penetrated military contractor's commercial systems. Yes, that leads to a whole bunch of questions and is not by any means an absolution of the military's IT security. But your statement does not match the facts.

    --
    To hear the gods laugh tell them your plans.
  5. Re:Can Help? by Daengbo · · Score: 3, Informative

    From the FAQ

    What operating systems have FDCC settings?

    Currently, FDCC settings are intended for Microsoft Windows XP Professional with Service Pack (SP) 2 or SP 3 and Microsoft Windows Vista Business, Microsoft Windows Vista Enterprise, and Microsoft Windows Vista Ultimate with SP 1.
    ...

    The Federal Desktop Core Configuration (FDCC) is an OMB-mandated security configuration.

    So ... to be in compliance, you can only run Windows desktops, is that correct? Wow! Way to feed the MS machine.

  6. Re:DingDingDing! by Randall311 · · Score: 4, Informative

    The data was not classified, just FOUO. Electronic copies exist for convenience's sake. It depends on the project, but there are usually no requirements for encryption of such documents. Expect that to change... soon.

  7. Re:Can Help? by gad_zuki! · · Score: 3, Informative

    This is true in Windows too. Remember Storm? It was created with simple .exe files, not any exploits. I believe they just mass emailed 'greetingcard.exe.' Grandma ran it. That's all it takes. It blows my mind mail servers are sending out executables to people in this day and age.

    A computer is just as secure as its operator.