Jump to content


Photo

Pandemic of the botnets 2009


  • Please log in to reply
51 replies to this topic

#51 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 18 December 2009 - 05:30 PM

FYI...

Analysis of the iKee.B (Duh) iPhone Botnet
- http://www.csl.sri.c...ras/iPhone-Bot/
14 December 2009 - "... analysis of the iKee.B (duh) Apple iPhone bot client, captured on 25 November 2009. The bot client was released throughout several countries in Europe, with the initial purpose of stealing SMS content and coordinating its infected iPhones via a Lithuanian botnet server. This report details the logic and function of iKee's scripts, its configuration files, and its two binary executables, which we have reverse engineered to an approximation of their C source code implementation. The iKee bot is one of the latest offerings in smartphone malware, in this case targeting jailbroken iPhones. While its implementation is simple in comparison to the latest generation of PC-based malware, its implications demonstrate the potential extension of crimeware to this valuable new frontier of handheld consumer devices...
In early November 2009, Dutch users of jailbroken iPhones in T-Mobile's 3G IP range began experiencing extortion popup windows. The popup window notifies the victim that the phone has been hacked, and then sends that victim to a website where a $5 ransom payment is demanded to remove the malware infection. The teenage hacker who authored the malicious software (malware) had discovered that many jailbroken iPhones have been configured with a secure shell (SSH) network service with a known default root password..."
(Complete analysis at the URL above.)

- http://en.wikipedia....ilbreak_(iPhone)

- http://www.f-secure....s/00001822.html
November 22, 2009

:ph34r: :grrr: :ph34r:

Edited by apluswebmaster, 18 December 2009 - 05:51 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

#52 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 22 December 2009 - 06:26 AM

FYI...

Citibank hacked for millions...
- http://www.pcworld.c...ibank_hack.html
December 21, 2009 - "U.S. authorities are investigating the theft of an estimated tens of millions of dollars from Citibank by hackers partly using Russian software tailored for the attack, according to a news report. The security breach at the major U.S. bank was detected mid-year based on traffic from Internet addresses formerly used by the Russian Business Network gang, The Wall Street Journal said Tuesday*, citing unnamed government sources. The Russian Business Network is a well-known group linked to malicious software, hacking, child pornography and spam. The Federal Bureau of Investigation is probing the case, the report said. It was not known whether the money had been recovered and a Citibank representative said the company had not had any system breach or losses, according to the report. The report left unclear who the money was stolen from but said a program called Black Energy, designed by a Russian hacker, was one tool used in the attack. The tool can be used to command a botnet, or a large group of computers infected by malware and controlled by an attacker, in assaults meant to take down target Web sites. This year a modified version of the software appeared online that could steal banking information, and in the Citi attack a version tailored to target the bank was used, the Journal said. The attackers also targeted a U.S. government agency and one other unnamed entity, the report said, adding that it was unknown if the attackers accessed Citibank systems directly or through other parties."
* http://online.wsj.co...0820801177.html

- http://finance.yahoo...710519.html?x=0
December 22, 2009 - "... Citigroup denied the report. "We had no breach of the system and there were no losses, no customer losses, no bank losses," said Joe Petro, managing director of Citigroup's Security and Investigative services. "Any allegation that the FBI is working a case at Citigroup involving tens of millions of losses is just not true"..."

:ph34r: :ph34r:

Edited by apluswebmaster, 22 December 2009 - 10:57 AM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.




Member of UNITE
Support SpywareInfo Forum - click the button