Microsoft Leads FBI Coalition To Destroy Botnet

Discovered in 2011 the Win32/Dorkbot malware has spread to over a million Windows PCs worldwide. During the last six months alone it had been infecting over 100,000 machines a month. Microsoft announced on Wednesday they had teamed up to enact a coordinated malware eradication campaign to disrupt the botnet.

The malware has been spread via a number of routes including USB drives, IM clients, Social Networks, Email and Drive-by downloads. Its primary aim was to steal online user credentials and any information that can personally identify you. It is also able to install yet more malware to your PC from command and control servers.

In order to take down Win32/Dorkbot, Microsoft worked with a number of organizations including ESET, Department of Homeland Security, Europol, FBI and Interpol. The take down joins a long list of ongoing successful efforts to disrupt malware networks.

Whilst not much was given away on actual specifics of the dismantling technique used, we do know it’s based on their established Coordinated Malware Eradication initiative. The CME program aims to co-ordinate information exchange and response from six key sectors. The goal being: Prosecute, Starve, Identify & Block, shun and set policies. Microsoft strategically cooperating with a diverse set of businesses and institutions, with each having their own role to prosecute in the operation.
    
    Security vendors: By sharing detection methods, malware behavior, and unpacking techniques, vendors can more quickly identity and block the malware families as they appear on network-connected endpoints and servers.
    
    Financial institutions: online search, and advertising businesses: With better fraudulent behaviour identification, these organizations can starve malware authors of their ill-gotten gains.

    
    CERTs and ISPs: Armed with vetted lists, CERTS and ISPs can block and take down deploy sites, and command and control servers.
    
    Law enforcement: Using correlated evidence, law enforcement can prosecute the people and organizations behind the malware.

 Microsoft’s own real-time security such as Windows Defender is equipped to remove this threat automatically. Advice on how to not become infected remains very much the same.

Be cautious when opening emails or social media messages from unknown users. Be wary about downloading software from websites other than the program developers. Run antimalware software regularly.

Microsoft also provides some additional tools, which can scan and remove this family of malware, it is the Microsoft Safety Scanner & Malicious Software Removal Tool.
NewWin: http://bit.ly/1lTSPse

 

« Australian Degree Course on Cyber War and Peace
The Biggest Cybersecurity Risk Is Not Identity Theft »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Aurec

Aurec

Aurec provides specialist recruitment and contracting services including ICT professionals.

Libraesva

Libraesva

Libraesva specialize in Email Security. From Email Security, Phishing Awareness and Email Archiver. We can assist you with any email issues you may have.

Conference-Service.com

Conference-Service.com

Conference-Service.com provides a categorised calendar of conferences and events which includes Information Security.

LogicManager

LogicManager

LogicManager offer a complete set of IT governance, risk and compliance software solutions and advisory services.

Airbus Cybersecurity

Airbus Cybersecurity

Airbus CyberSecurity is a European specialist in cyber security. Our mission is to protect governments, military and critical national infrastructure enterprises from cyber threats.

EIT Digital

EIT Digital

EIT Digital is a leading digital innovation and entrepreneurial education organisation driving Europe’s digital transformation. Areas of focus include digital infrastructure and cyber security.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

European Recruitment

European Recruitment

European Recruitment is an award-winning, international recruitment agency specialising in niche technology areas including Cyber Security.

Defence Intelligence

Defence Intelligence

Defence Intelligence is an information security firm specializing in advanced malware protection.

Trusted Objects

Trusted Objects

Trusted Object's mission is to provide state of the art security solutions and services enabling a strong root of trust for the IoT ecosystem.

Orbus Software

Orbus Software

Orbus develops, markets and sells enterprise software which helps large, blue chip and government organisations across the globe to achieve digital transformation outcomes.

Winbond Electronics

Winbond Electronics

Winbond is a Specialty memory IC company. Product lines include Code Storage Flash Memory, TrustME® Secure Flash, Specialty DRAM and Mobile DRAM.

CyberX9

CyberX9

CyberX9 helps you protect against a wide range of cyber attacks whether you are a business or a high-net worth individual under risk.

Gutsy

Gutsy

Gutsy uses process mining to help organizations visualize and analyze their complex security processes to understand how they actually run, based on observable event data.

InfoTrust

InfoTrust

InfoTrust is a leading specialised cybersecurity practice that combines a customer-first consulting approach with next-generation security solutions.

ClearSale (CLSA3)

ClearSale (CLSA3)

Clearsale’s innovative fraud solutions combine advanced technology with a passionate team of seasoned experts that understand every client’s unique needs.