Microsoft Leads FBI Coalition To Destroy Botnet

Uploaded on 2015-12-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Discovered in 2011 the Win32/Dorkbot malware has spread to over a million Windows PCs worldwide. During the last six months alone it had been infecting over 100,000 machines a month. Microsoft announced on Wednesday they had teamed up to enact a coordinated malware eradication campaign to disrupt the botnet.

The malware has been spread via a number of routes including USB drives, IM clients, Social Networks, Email and Drive-by downloads. Its primary aim was to steal online user credentials and any information that can personally identify you. It is also able to install yet more malware to your PC from command and control servers.

In order to take down Win32/Dorkbot, Microsoft worked with a number of organizations including ESET, Department of Homeland Security, Europol, FBI and Interpol. The take down joins a long list of ongoing successful efforts to disrupt malware networks.

Whilst not much was given away on actual specifics of the dismantling technique used, we do know it’s based on their established Coordinated Malware Eradication initiative. The CME program aims to co-ordinate information exchange and response from six key sectors. The goal being: Prosecute, Starve, Identify & Block, shun and set policies. Microsoft strategically cooperating with a diverse set of businesses and institutions, with each having their own role to prosecute in the operation.
    
    Security vendors: By sharing detection methods, malware behavior, and unpacking techniques, vendors can more quickly identity and block the malware families as they appear on network-connected endpoints and servers.
    
    Financial institutions: online search, and advertising businesses: With better fraudulent behaviour identification, these organizations can starve malware authors of their ill-gotten gains.

    
    CERTs and ISPs: Armed with vetted lists, CERTS and ISPs can block and take down deploy sites, and command and control servers.
    
    Law enforcement: Using correlated evidence, law enforcement can prosecute the people and organizations behind the malware.

 Microsoft’s own real-time security such as Windows Defender is equipped to remove this threat automatically. Advice on how to not become infected remains very much the same.

Be cautious when opening emails or social media messages from unknown users. Be wary about downloading software from websites other than the program developers. Run antimalware software regularly.

Microsoft also provides some additional tools, which can scan and remove this family of malware, it is the Microsoft Safety Scanner & Malicious Software Removal Tool.
NewWin: http://bit.ly/1lTSPse

 

« Australian Degree Course on Cyber War and Peace
The Biggest Cybersecurity Risk Is Not Identity Theft »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Huawei

Huawei

Huawei is a leading global ICT solutions provider. with end-to-end capabilities across the carrier networks, enterprise, consumer, and cloud computing fields.

Gamma

Gamma

Gamma is a leading provider of Unified Communications as a Service (UCaaS) into the UK, Dutch, Spanish and German business markets.

Bayshore Networks

Bayshore Networks

Bayshore Networks was founded to safely and securely protect Industrial IoT (IIoT) networks, applications, machines and workers from cyber threats.

Sparta Consulting

Sparta Consulting

Sparta Consulting is an information management and business development full service provider.

Cienaga Systems

Cienaga Systems

Cienaga Systems is a leader in autonomous cyber threat hunting technology.

FoxGuard

FoxGuard

FoxGuard develops customized cyber security, compliance and industrial computing solutions for critical infrastructure entities and control system vendors.

Cyjax

Cyjax

Cyjax monitors the Internet to identify the digital risks to your organisation, including cyber threats, reputational risks and the Darknet.

Cybersecurity & Infrastructure Security Agency (CISA) - USA

Cybersecurity & Infrastructure Security Agency (CISA) - USA

CISA leads the national effort to defend critical infrastructure against the threats of today and to secure against the evolving risks of tomorrow.

Cybersecurity Innovation Hub

Cybersecurity Innovation Hub

The main objective of the Hub is to bring cybersecurity and other advanced technologies closer to companies and as a result help to increase their performance as Industry 4.0.

Bridewell

Bridewell

Bridewell provide cost effective Security & Risk Assurance Services across Information Security, Cyber Security, Technology Risk, Security Testing and Data Privacy.

DeFY Security

DeFY Security

DeFY Security is a Cyber Security solutions provider with more than 20 years of experience securing financial institutions, healthcare, manufacturing and retail.

Telstra

Telstra

Telstra is one of the world's leading telecommunications and technology companies, offering a wider range of services from networks and cloud solutions to mobility and enterprise collaboration tools.

Comcast Technology Solutions (CTS)

Comcast Technology Solutions (CTS)

Comcast Technology Solutions delivers proven technologies for global video, media, communications, data applications, and cybersecurity & compliance.

Cybersecurity Elastic Laboratory (CEL)

Cybersecurity Elastic Laboratory (CEL)

CEL specialize in providing top-tier services in vulnerability diagnosis and penetration testing, offering a comprehensive suite of solutions to mitigate cyber risks.

SecureCyber

SecureCyber

Secure Cyber Defense offers industry-leading technology and managed detection and response solutions.

WIIT Group

WIIT Group

WIIT Group are focused on a single goal: securing our clients’ critical processes and enabling them for digital transformation.