Network of 1.9 Million Malware-Infected Computers Controlled by Cybercriminals



Finjan Inc., a leader in secure web gateway products and the provider of unified web security solutions for the enterprise market, today announced that Finjan’s Malicious Code Research Center (MCRC) has discovered a network of 1.9 million malware-infected computers. Corporate, government and consumer computers around the world were infected by the malware.

This discovery is part of a research conducted by MCRC when investigating command and control servers operated by cybercriminals. The cybercrime server has been in use since February 2009, is hosted in the Ukraine and is controlled by a cybergang of 6 people. These cybercriminals established a vast affiliation network across the Web to successfully distribute and operate their malware install-base. They compromised computers in 77 government-owned domains (.gov) from the US, UK and various other countries.

The malware is remotely controlled by the cybercriminals, enabling them to instruct the malware to execute almost any command on the end-user computer as they see fit, such as: reading emails, copying files, recording keystrokes, sending spam, making screenshots, etc.

Since the discovery of its findings, Finjan has provided US and UK law enforcement with information about the server. Finjan has also contacted affected corporate and government agencies to let them know that they were part of the infected computer names.

“As predicted by Finjan at the end of last year, cybercriminals keep on looking for improved methods to distribute their malware and Trojans are winning the race. The sophistication of the malware and the staggering amount of infected computers proves that cybergangs are raising the bar,” said Yuval Ben-Itzhak, CTO of Finjan. ”As big money drives today’s cybercrime activities, organizations and corporations need to protect their valuable data to prevent theft by these kind of sophisticated cyberattacks.”

The research also revealed that the malware is installed on computers when visiting compromised websites serving malicious code. Information found by MCRC on the command and control server includes the IP addresses of the infected computers as well as the computers’ name inside corporate and government networks that are running the malware.


Full detail here: http://www.finjan.com/Pressrelease.aspx?id=2238&PressLan=2139&lan=3
.



Relevant Pages

  • Ping: John Holmes
    ... government and consumer computers around the world were infected by the malware. ... These cybercriminals established a vast affiliation network across the Web to successfully distribute and operate their malware install-base. ... Since the discovery of its findings, Finjan has provided US and UK law enforcement with information about the server. ...
    (alt.computer.security)
  • Re: Network of 1.9 Million Malware-Infected Computers Controlled by Cybercriminals
    ... and consumer computers around the world were infected by the malware. ... command and control servers operated by cybercriminals. ... Since the discovery of its findings, Finjan has provided US and UK law ...
    (microsoft.public.security)
  • Re: Network of 1.9 Million Malware-Infected Computers Controlled by Cybercriminals
    ... government and consumer computers around the world were infected by the malware. ... These cybercriminals established a vast affiliation network across the Web to successfully distribute and operate their malware install-base. ... Finjan has also contacted affected corporate and government agencies to let them know that they were part of the infected computer names. ...
    (microsoft.public.security)
  • Re: Massive botnet loose on Windows XP.
    ... The botnet has been in use since February and is hosted in the Ukraine, according to a report by security firm Finjan. ... The cybercriminals were enable to infect end-user computers through legitimate websites with malware that bypassed 90% of common anti-virus software. ... Finjan alerted US and UK authorities and notified government departments and businesses whose computers were part of the botnet. ...
    (microsoft.public.windows.vista.general)
  • Massive botnet is loose on Windows XP
    ... The botnet has been in use since February and is hosted in the Ukraine, according to a report by security firm Finjan. ... The cybercriminals were enable to infect end-user computers through legitimate websites with malware that bypassed 90% of common anti-virus software. ... Finjan alerted US and UK authorities and notified government departments and businesses whose computers were part of the botnet. ...
    (alt.comp.anti-virus)