
Symantec grapples with one of the largest botnets in history




Symantec is going toe to toe with ZeroAccess, one of the largest known botnets in existence today. On any given day, ZeroAccess has upwards of 1.9 million computers at its disposal... or at least, it did. The team has been working on a method called a sinkhole to take down the botnet since March but a report published by security researchers in May discussing the weakness likely prompted the ZeroAccess botmaster to upgrade the botnet to prevent the sinkhole.

As such, a new version of the botnet surfaced that patched the flaw which made it vulnerable to being sinkholed. With a viable plan in place, Symantec moved ahead with the plan and began to sinkhole non-updated ZeroAccess infections on July 16. The operation resulted in the detachment of over half a million bots and made a serious dent in the number of bots controlled by the botmaster.

To understand the impact of the sinkhole, Symantec suggests users need to understand exactly what the botnet is used for.

Unlike other botnets, ZeroAccess appears to be designed primarily to deliver payloads to infected machines. Those payloads are what cause the problems and with ZeroAccess, it boils down to two types that are both aimed at generating revenue: click fraud and Bitcoin mining.

In laboratory testing, Symantec found that each bot generated roughly 42 false ad clicks per hour which could potentially earn the botmaster tens of millions of dollars in revenue per year. A single computer mining Bitcoin is likely to earn less than $1 per year but if you have 1.9 million machines at your disposal, the equation changes completely.

The job isn’t finished, Symantec warned, but they’ve put a pretty heavy dent in the botnet. They are now working with ISPs and CERTs across the globe to share information and help clean infected machines.

http://www.techspot.com/news/54194-symantec-grapples-with-one-of-the-largest-botnets-in-history.html
 
I don't think the botmaster cares. All those millions $$$ generated.
 

AsRock

I don't think the botmaster cares. All those millions $$$ generated.

No, probably not, but it's something that should be added to A/V's and I know I don't want the crap on my system.

Just a shame Symantec are the ones that are doing it, as their software might be free to me (Comcast user) but it's never done what I wanted or needed.

Maybe this will encourage others to follow as well now.
 
Or, one could pay attention to what one's PC is doing; i.e. monitor Internet connections and applications.

Sysinternals has all the tools one needs.
 
dammit they're onto me!!! :p
 