Mikko Hypponen: Fighting viruses, defending the net

http://www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net.html

Renting a botnet: how much does it cost? A study conducted by Verisign (iDefense Intelligence Operations Team) has produced an estimate of the average cost of renting a botnet. In short, a botnet is a swarm of thousands of computers under the control of a single crook, which can be used to send spam or to attack sites by overloading them (via DDoS). And this "little service" costs on average $9 per hour or $67 per 24 hours. The study covered 25 botnets, so the figures should be taken with a grain of salt, since the price depends mostly on the number of computers in the botnet. It is possible to rent the whole thing or just a part of it, and prices very often vary from one customer to the next.

Top 10+ TED Videos On Education & Learning

Better Together: Why Schools Should Work in Networks In the latest episode of the Getting Smart podcast, Tom talks about the power of school networks and debriefs his new book, co-authored by Lydia Dobyns, Better Together: How to Leverage School Networks for Smarter Personalized and Project Based Learning.

Friday Five: Notes From The Frontier

Mundo Hacker Radio by Mundo Hacker Radio

Botnet TDL4 This news fascinated me... Kaspersky has uncovered a botnet named TDL4 (or TDSS) made up of more than 4.5 million machines. According to the antivirus vendor, TDL4 was truly designed to reign supreme over its machines thanks to:

The long arm of Microsoft tries taking down Zeus botnets Microsoft and financial services organizations, with an escort of U.S. Marshals, seized command-and-control servers Friday to take down botnets allegedly used to steal more than $100 million using an estimated 13 million computers infected with the Zeus malware. After raids in Scranton, Pa., and Lombard, Ill., "some of the worst known Zeus botnets were disrupted by Microsoft and our partners worldwide," Microsoft announced Sunday night in a post by Richard Domingues Boscovich, senior attorney with Microsoft's Digital Crimes Unit.

Meet 'Flame', The Massive Spy Malware Infiltrating Iranian Computers Map showing the number and geographical location of Flame infections detected by Kaspersky Lab on customer machines. Courtesy of Kaspersky A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation. The malware, discovered by Russia-based antivirus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years.

Analysis of Spear-Phishing File The following is a guest post courtesy of Ned Moran of the Shadowserver Foundation. This post is a technical analysis of the malware used in a spear phishing attack targeting those interested in ICS security. Dale was kind enough to share a copy of the spear phishing email that he posted about here. This spear phish contained a link to a zip file hosted at The downloaded zip file had the following properties:

A beginner’s guide to building botnets—with little assembly required Have a plan to steal millions from banks and their customers but can't write a line of code? Want to get rich quick off advertising click fraud but "quick" doesn't include time to learn how to do it? No problem.

New Zeus P2P bots: anonymous cyber-crime ready for mass market The recent resurgence of the Hlux/Kelihos botnet, taken down last week by a team of security companies, demonstrates how hard it is to detect and permanently shut down the latest generation of botnets. And the arms race to counter botnets is only going to escalate further now that the sort of peer-to-peer technology used in Kelihos has become commoditized in Zeus, a botnet "platform" at the center of a thriving criminal software ecosystem. Last week, Microsoft and its partners were able to take down a collection of Zeus botnets infecting more than 13 million PCs by seizing associated servers and domain names then disrupting their command and control (C&C) network. But those botnets were built using an older set of Zeus binaries. A newer version of the software incorporates peer-to-peer networking technology in a way that eliminates the need for a C&C server, rendering botnets immune to that sort of decapitating strike. Where we're going, we don't need servers

DDoS-for-hire service works with blessing of FBI, operator says A website that accepts payment in exchange for knocking other sites offline is perfectly legal, the proprietor of the DDoS-for-hire service says. Oh, it also contains a backdoor that's actively monitored by the FBI. Ragebooter.net is one of several sites that openly accepts requests to flood sites with huge amounts of junk traffic, KrebsonSecurity reporter Brian Krebs said in a recent profile of the service. The site, which accepts payment by PayPal, uses so-called DNS reflection attacks to amplify the torrents of junk traffic.

Viruses, Trojans, and worms, oh my: The basics on malware Some say we're living in a "post-PC" world, but malware on PCs is still a major problem for home computer users and businesses. The examples are everywhere: In November, we reported that malware was used to steal information about one of Japan's newest rockets and upload it to computers controlled by hackers. Critical systems at two US power plants were recently found infected with malware spread by USB drives. Malware known as "Dexter" stole credit card data from point-of-sale terminals at businesses. And espionage-motivated computer threats are getting more sophisticated and versatile all the time. In this second installment in the Ars Guide to Online Security, we'll cover the basics for those who may not be familiar with the different types of malware that can affect computers.

Video about viruses: history, how they work, who creates them, etc. Although it is not "close" to web security for educational purposes, I still believe that if parents and teachers are aware of what Mr. Mikko Hypponen talks about in his talk, it can only benefit them. (The number of viruses in real time, the types of viruses, hidden malicious software recording everything we type on our keyboards, and this as much among people like us as among high-level political bodies responsible for protection). Indeed, imagine then what they can do with our little computers at home and at school... This video therefore reinforces the idea of the vigilance we must have when we use the web. by justinegagne Sep 30
