zombie machine

An online security firm F-Secure revealed that botnets of compromised machines are now used by cyber criminals to issue units of Bitcoin virtual currency.

Perpetrators used the ideas in distributed computing practiced by the SETI project. Cyber criminals programmed their botnets of zombie machines to farm Bitcoins.

"The bots are created with a generator," writes Mikko H Hypponen, chief research officer at F-Secure. "Generator sets a specific Twitter account to be the one which can be used to control the mining botnet."

Since March when Microsoft in association with the U.S. Federal Marshal service and security firm FireEye shut down the Rustock botnet the number of email messages with malicious links increased significantly. While the shutdown resulted in a sharp decline of spam messages it provoked great lack of zombie machines thus prompting perpetrators to send more malicious messages.

ZeuS botnet continues its evolution despite high-profile crack downs on its orchestrators in the US, UK and Ukraine, according to security experts.

Zeus Trojan bust reveals sophisticated 'money mules' operation in U.S.

"There's a community building it and supporting it," says Eric Skinner, CTO of Entrust. "There's no one person to take down. If one person stops updating, somebody else will pick up the task. It's not like when you shut down a software company and the product ceases to be developed."

According to the report by security vendor M86 Security one of the largest botnets which is the Pushdo or Cutwail network was taken down and as a result the amount of spam decreased significantly. But it is believed that the botnet will retrieve in a matter of weeks.

Waledac botnet that was taken down in February this year is again waking up. As is known the court order ruled to close Waledac-related domains, depeer the botnet's peer-to-peer communications and take down the server.

While it may seem that Microsoft’s operation brought a success it was only superficial as it did nothing to clean up estimated 90,000 infected bot clients. While they were depeered they waited for their time to get up again.

It was found that there is a dedicated network that keeps most notorious botnets always-on connections and virtually immune from takedowns. Researchers at RSA have identified the network of the servers that shepherd tens of thousands of infected PCs so they continue to send spam, spread malware, and stay updated with the latest bot software.

Telecommunication companies and large Internet service providers are getting increasingly concerned about the cyber threats coming from targeted attacks which replace botnet-driven attacks as the main problem.

In the course of joint efforts between Neustar and Internet service providers the command-and-control servers of the Lethic botnet have been taken out, though it does not seem to be too effective.

Dark Reading reports that perpetrators behind the Lethic specialised in distributing unlicensed pharmaceutical, diploma and replica goods spam. Compromised machines in the network are reckoned to have spewed out as much as one in 10 of junk mails circulating globally.

Conficker worm is reportedly thriving in the developing world. Despite high profile infection at the UK's Ministry of Defence and a series of British hospitals, to cite just a few examples, Conficker has proportionally affected systems in Africa and south America far more. Developing nations have become "malware ghettos", stats from Shadowserver suggest.

This vast cybercrime resource has remained dormant throughout 2009, after first appearing in October 2008.

 At the opening of the ITU Telecom World exhibition and forum in Geneva on Monday Hamadoun Touré, secretary general of the International Telecommunication Union, the United Nations agency that organized the event, warned that the world faces the third global war in the cyber space.

"The next world war could begin in cyberspace," warned Touré.