Microsoft Leads FBI Coalition To Destroy Botnet

Uploaded on 2015-12-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Discovered in 2011 the Win32/Dorkbot malware has spread to over a million Windows PCs worldwide. During the last six months alone it had been infecting over 100,000 machines a month. Microsoft announced on Wednesday they had teamed up to enact a coordinated malware eradication campaign to disrupt the botnet.

The malware has been spread via a number of routes including USB drives, IM clients, Social Networks, Email and Drive-by downloads. Its primary aim was to steal online user credentials and any information that can personally identify you. It is also able to install yet more malware to your PC from command and control servers.

In order to take down Win32/Dorkbot, Microsoft worked with a number of organizations including ESET, Department of Homeland Security, Europol, FBI and Interpol. The take down joins a long list of ongoing successful efforts to disrupt malware networks.

Whilst not much was given away on actual specifics of the dismantling technique used, we do know it’s based on their established Coordinated Malware Eradication initiative. The CME program aims to co-ordinate information exchange and response from six key sectors. The goal being: Prosecute, Starve, Identify & Block, shun and set policies. Microsoft strategically cooperating with a diverse set of businesses and institutions, with each having their own role to prosecute in the operation.
    
    Security vendors: By sharing detection methods, malware behavior, and unpacking techniques, vendors can more quickly identity and block the malware families as they appear on network-connected endpoints and servers.
    
    Financial institutions: online search, and advertising businesses: With better fraudulent behaviour identification, these organizations can starve malware authors of their ill-gotten gains.

    
    CERTs and ISPs: Armed with vetted lists, CERTS and ISPs can block and take down deploy sites, and command and control servers.
    
    Law enforcement: Using correlated evidence, law enforcement can prosecute the people and organizations behind the malware.

 Microsoft’s own real-time security such as Windows Defender is equipped to remove this threat automatically. Advice on how to not become infected remains very much the same.

Be cautious when opening emails or social media messages from unknown users. Be wary about downloading software from websites other than the program developers. Run antimalware software regularly.

Microsoft also provides some additional tools, which can scan and remove this family of malware, it is the Microsoft Safety Scanner & Malicious Software Removal Tool.
NewWin: http://bit.ly/1lTSPse

 

« Australian Degree Course on Cyber War and Peace
The Biggest Cybersecurity Risk Is Not Identity Theft »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NextPlane

NextPlane

NextPlane provide secure real-time B2B unified communication and collaboration solutions within and across business systems.

Waterfall Security Solutions

Waterfall Security Solutions

Waterfall Security is focused on protecting critical infrastructure and industrial control systems from remote online cyber attacks,

British Assessment Bureau

British Assessment Bureau

The British Assessment Bureau is an ISO certification body. We check conformity and compliance of companies to recognised ISO standards including ISO 27001.

Lookout

Lookout

Lookout is the data-centric cloud security company that uses a defense-in-depth strategy to address the different stages of a modern cybersecurity attack.

Epati Information Technologies

Epati Information Technologies

ePati Information Technologies is a specialist in information technology and cyber security.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

OcuCloud

OcuCloud

OcuCloud protects businesses' valuable information in the cloud, preventing security breaches caused by employees and remote vendors.

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain

SparkLabs Cyber + Blockchain accelerator is located in Washington D.C. which is one of the world's top cybersecurity ecosystems.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

EnigmaSoft

EnigmaSoft

EnigmaSoft is known for its PC anti-malware remediation utility and service under the tradename SpyHunter.

Redhorse

Redhorse

Redhorse provides top-tier consulting to help clients address mission-critical government problems in National Security, Networking Technology, Energy and the Environment.

Aryaka

Aryaka

Aryaka’s SmartServices offer connectivity, application acceleration, security, cloud networking and insights leveraging global orchestration and provisioning.

Condition Zebra

Condition Zebra

Condition Zebra has wide experience in providing IT Security Services, Training, and Certification in the field of cybersecurity.

HEQA Security

HEQA Security

HEQA Security (formerly QuantLR) offer the world’s most cost-effective, easy-to-integrate, and secure Quantum Key Distribution (QKD) solution

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.