Slashdot Mirror

← Back to Stories (view on slashdot.org)

Researchers Hijack Mebroot Botnet, Study Drive-By Downloads

Posted by ScuttleMonkey on from the hijack-and-inject-vaccine dept.

TechReviewAl writes "Researchers at the University of California at Santa Barbara hijacked the Mebroot botnet for about a month and used it to study drive-by downloading. The researchers managed to intercept Mebroot communications by reverse-engineering the algorithm used to select domains to connect to. Mebroot infects legitimate websites and uses them to redirect users to malicious sites that attempt to install malware on a victim's machine. The team, who previously infiltrated the Torpig botnet, found that at least 13.3 percent of systems that were redirected by Mebroot were already infected and 70 percent were vulnerable to about 40 common attacks."

2 of 130 comments (clear)

  1. Re:arrest them by Nadaka · · Score: 0, Troll

    http://slashdot.org/comments.pl?sid=1393007&cid=29649223&art_pos=1

    Yes, they actually did commit a crime. and yes I did RTFA. They reverse engineered the algorithm of the js package. That algorithm was essentially copy protection aka DRM. This is a federal felony under the DMCA.

  2. Re:arrest them by Nadaka · · Score: 0, Troll

    All creative works (software included) are under copyright from the moment they are published under US law (most other western nations as well).