Symantec is going toe to toe with ZeroAccess, one of the largest known botnets in existence today. On any given day, ZeroAccess has upwards of 1.9 million computers at its disposal... or at least, it did. The team has been working on a method called a sinkhole to take down the botnet since March but a report published by security researchers in May discussing the weakness likely prompted the ZeroAccess botmaster to upgrade the botnet to prevent the sinkhole.

As such, a new version of the botnet surfaced that patched the flaw which made it vulnerable to being sinkholed. With a viable plan in place, Symantec moved ahead with the plan and began to sinkhole non-updated ZeroAccess infections on July 16. The operation resulted in the detachment of over half a million bots and made a serious dent in the number of bots controlled by the botmaster.

To understand the impact of the sinkhole, Symantec suggests users need to understand exactly what the botnet is used for.

Unlike other botnets, ZeroAccess appears to be designed primarily to deliver payloads to infected machines. Those payloads are what cause the problems and with ZeroAccess, it boils down to two types that are both aimed at generating revenue: click fraud and Bitcoin mining.

In laboratory testing, Symantec found that each bot generated roughly 42 false ad clicks per hour which could potentially earn the botmaster tens of millions of dollars in revenue per year. A single computer mining Bitcoin is likely to earn less than $1 per year but if you have 1.9 million machines at your disposal, the equation changes completely.

The job isn’t finished, Symantec warned, but they’ve put a pretty heavy dent in the botnet. They are now working with ISPs and CERTs across the globe to share information and help clean infected machines.

http://www.techspot.com/news/54194-symantec-grapples-with-one-of-the-largest-botnets-in-history.html