New Russian Botnet Tries To Kill Rivals

← Back to Stories (view on slashdot.org)

New Russian Botnet Tries To Kill Rivals

Posted by CmdrTaco on Wednesday February 10, 2010 @03:10AM from the there-can-be-only-one dept.

alphadogg writes "An upstart Trojan horse program has decided to take on its much-larger rival by stealing data and then removing the malicious program from infected computers. Security researchers say that the relatively unknown Spy Eye toolkit added this functionality just a few days ago in a bid to displace its larger rival, known as Zeus. The feature, called "Kill Zeus," apparently removes the Zeus software from the victim's PC, giving Spy Eye exclusive access to usernames and passwords. Zeus and Spy Eye are both Trojan-making toolkits, designed to give criminals an easy way to set up their own "botnet" networks of password-stealing programs. These programs emerged as a major problem in 2009, with the FBI estimating last October that they have caused $100 million in losses."

6 of 136 comments (clear)

Min score:

Reason:

Sort:

Botnets fighting botnets... by Anonymous Coward · 2010-02-10 03:23 · Score: 3, Interesting

Why isn't this kind of technology being used to fight botnets? Couldn't a program be released using virus-like means to disseminate itself, and try to eliminate malicious software wherever it finds it? Sort of like a distributed-computing project, with each peer actively trying to disseminate a "counter-virus"? Or "antibodies", if you will?
How to explain this to noobs? by Alwin+Henseler · 2010-02-10 03:49 · Score: 2, Interesting

You have this infected machine, perhaps it's a bot sending out bulk spam. Or you install a game on it, and a trojaned executable steals your CD-key and sends it off.. to China? To Russia? Who knows... Or you do some home banking with it (imbecile!), and possibly some program monitors your keystrokes, and sends of username+passwords to "parties unknown".
But the recurring problem: how to explain this to a noob? They're sitting on this trojaned machine, actively using it, processing private data with it, and just don't seem to care (as long as the apparatus still does the job). Anyone know of a good way to explain it to a person like this, what the dangers are? Why they should desinfect / wipe the machine ASAP? What does it take to make them understand what it means "there's a trojan / backdoor on your machine"?
Or is this futile? Should you just wait until they get hit hard(er)? Bank account emptied, e-mail account hacked, game CD-key blocked etc.? Any ideas?
1. Re:How to explain this to noobs? by clone53421 · 2010-02-10 03:55 · Score: 2, Interesting
  
  Online banking.
  Even if you don’t do online banking on the computer, you’re allowing it to use the computer to spread itself. If you knowingly permit this you’re contributing to the defrauding of other people who do get their identities stolen, etc.
  
  --
  Alexander Peter Kristopeit bought his basement from his mommy for one dollar.
Microsoft's responsibility by Orlando · 2010-02-10 04:28 · Score: 2, Interesting

This may sound naive, but I'm assuming that the vast majority of the machines used in botnets are Windows PCs? So has any attempt been made to make Microsoft take some of the responsibility of this phenomenon on and do something about it?

--
-= This is a self-referential sig =-
Re:yes by HungryHobo · 2010-02-10 04:28 · Score: 2, Interesting

http://webtorque.org/wp-content/uploads/malware_biz.pdf
the really quiet well made ones you don't hear much about.
Re:So It's an AI? by Anonymous Coward · 2010-02-10 05:06 · Score: 1, Interesting

And you are doing exactly what you evolved to do. Get resources, attract a female, make offspring... The attracting a female part makes you do things like getting a job, education... anything you can to improve your statute within society such that you have a better chance of courting a female...
You are just an automaton.