funsec mailing list archives
Re: ZeuS: 'A Virus Known as Botnet'
From: "Tomas L. Byrnes" <tomb () byrneit net>
Date: Fri, 19 Feb 2010 21:14:13 -0800
And that remote drop zone is limited in scope, and well known.
-----Original Message----- From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org] On Behalf Of Gadi Evron Sent: Friday, February 19, 2010 5:38 AM To: funsec () linuxbox org Subject: Re: [funsec] ZeuS: 'A Virus Known as Botnet' On 2/19/10 3:26 PM, Paul Ferguson wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Spot on.It's just yet another banking/phishing trojan with a remote drop zone. Gadi.[snip] As a journalist who for almost ten years has sought to explaincomplexcomputer security topics to a broad audience, it's sometimesdifficultto be picky when major news publications over-hype an importantsecuritystory or screw up tiny details: For one thing, Internet security soseldomreceives more than surface treatment in the media that the increased attention to the issue often seems to excuse the breathlessness withwhichnews organizations cover what may seem like breaking, exclusivestories.The trouble with that line of thinking is that an over-hyped storytends tolack important context that helps frame the piece in ways that makeit morerelevant, timely, and actionable, as opposed to just sensational. I say this because several major media outlets, including TheWashingtonPost and the Wall Street Journal, on Thursday ran somewhat
uncritical
stories about a discovery by NetWitness, a security firm in Northern Virginia that has spent some time detailing the breadth of
infections
by asingle botnet made up of PCs infected with ZeuS, a password stealingTrojanthat lets criminals control the systems from afar. NetWitness foundthatthis particular variant of the botnet, which it dubbed "Kneber," had invaded more than 2,500 corporations and 75,000 computers worldwide. [snip] Much more: http://www.krebsonsecurity.com/2010/02/zeus-a-virus-known-as-botnet/ My favorite: "This is just some of the context that would have been nice to see
in
anyof the mainstream press treatment of this research. From where I
sit,
security stories that lack appropriate context tend to ring hollow,andsquander important opportunities to raise awareness on the size,scope andreal-world impact of these threats." - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLfpGXq1pz9mNUZTMRAuy9AKCELOvvsBPnY/cCLcO4b4y/Xbeh+wCg4uFq Yq/n97/qyYLG2zKUOu/iJBw= =EM5Q -----END PGP SIGNATURE------- Gadi Evron, ge () linuxbox org. Blog: http://gevron.livejournal.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- ZeuS: ‘A Virus Known as Botnet’ Paul Ferguson (Feb 19)
- Re: ZeuS: ‘A Virus Known as Botnet’ Gadi Evron (Feb 19)
- Re: ZeuS: 'A Virus Known as Botnet' Tomas L. Byrnes (Feb 19)
- Re: ZeuS: ‘A Virus Known as Botnet’ Gadi Evron (Feb 19)