This Just In: Dog Bites Man!

There’s a saying in journalism, “When a dog bites a man, that is not news, because it happens so often. But if a man bites a dog, that is news.”

Consider the Kneber botnet.  If you follow tech news, it was nearly impossible to miss the stories on February 18, 2010 mentioning how this newly discovered botnet had infected almost 75,000 computers, including those of over 2500 organizations.  Sounds pretty serious, doesn’t it?  Let’s look a little deeper.  Kneber is a variant of the ZeuS botnet.

The ZeuS botnet was first identified in July of 2007 and has been in the news off and on since then.  But calling it “The ZeuS Botnet” is misleading.  ZeuS is not a single collection of infected machines being controlled by some nefarious cyber-puppetmaster to further his evil genius.  Rather, ZeuS is a DIY botnet kit that you can buy for a few hundred dollars.  Yes – armed with the right URL and some cash, you too can be a cybercriminal!   So you see, there are several different cybercrooks out there using the ZeuS botnet kit to commit cybercrime.

The cybercriminals then use the kit to build their botnet and trick you, the unsuspecting user, into downloading code that makes your machine part of it.  They do this by sending tantalizing emails extolling how ‘all will be revealed’ by clicking on the conveniently-supplied link.  Or even scarier, they infiltrate legitimate web sites and secretly deliver the infected payload to you when you visit the site.   Once your machine is infected, it establishes contact with a master computer called a Command & Control (C&C) server.  These C&C servers relay instructions from the cybercriminal controlling that particular botnet to the infected computers (i.e., zombies).  Most commonly, ZeuS has been used to steal banking credentials from small and medium-sized businesses.  The stolen credentials are then used to wire money from the business’s bank account to an untraceable location in the third world.

Here at Umbra Data, we’re currently keeping our eye on about 3800 known ZeuS Command & Control servers.  Remember, on average, each C&C controls many thousands of zombies.  Kneber is a teeny part of that number.

So should you worry about the Kneber botnet?  Yes, about as much as you should worry about getting bitten by a dog.

- Paul -
