Re: ZeuS: 'A Virus Known as Botnet'

["Tomas L. Byrnes" <tomb () byrneit net>]

And that remote drop zone is limited in scope, and well known.



> -----Original Message-----
> From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
> On Behalf Of Gadi Evron
> Sent: Friday, February 19, 2010 5:38 AM
> To: funsec () linuxbox org
> Subject: Re: [funsec] ZeuS: 'A Virus Known as Botnet'
>
> On 2/19/10 3:26 PM, Paul Ferguson wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Spot on.
>
> It's just yet another banking/phishing trojan with a remote drop zone.
>
>       Gadi.
>
>
> > [snip]
> >
> > As a journalist who for almost ten years has sought to explain
> complex
> > computer security topics to a broad audience,  it's sometimes
> difficult
> > to be picky when major news publications over-hype an important
> security
> > story or screw up tiny details: For one thing, Internet security so
> seldom
> > receives more than surface treatment in the media that the increased
> > attention to the issue often seems to excuse the breathlessness with
> which
> > news organizations cover what may seem like breaking, exclusive
> stories.
> > The trouble with that line of thinking is that an over-hyped story
> tends to
> > lack important context that helps frame the piece in ways that make
> it more
> > relevant, timely, and actionable, as opposed to just sensational.
> >
> > I say this because several major media outlets, including The
> Washington
> > Post and the Wall Street Journal, on Thursday ran somewhat
uncritical
> > stories about a discovery by NetWitness, a security firm in Northern
> > Virginia that has spent some time detailing the breadth of
infections
> by a
> > single botnet made up of PCs infected with ZeuS, a password stealing
> Trojan
> > that lets criminals control the systems from afar. NetWitness found
> that
> > this particular variant of the botnet, which it dubbed "Kneber," had
> > invaded more than 2,500 corporations and 75,000 computers worldwide.
> >
> > [snip]
> >
> > Much more:
> > http://www.krebsonsecurity.com/2010/02/zeus-a-virus-known-as-botnet/
> >
> > My favorite:
> >
> > "This is just some of the context that would have been nice to see
in
> any
> > of the mainstream press treatment of this research. From where I
sit,
> > security stories that lack appropriate context tend to ring hollow,
> and
> > squander important opportunities to raise awareness on the size,
> scope and
> > real-world impact of these threats."
> >
> > - - ferg
> >
> > -----BEGIN PGP SIGNATURE-----
> > Version: PGP Desktop 9.5.3 (Build 5003)
> >
> > wj8DBQFLfpGXq1pz9mNUZTMRAuy9AKCELOvvsBPnY/cCLcO4b4y/Xbeh+wCg4uFq
> > Yq/n97/qyYLG2zKUOu/iJBw=
> > =EM5Q
> > -----END PGP SIGNATURE-----
>
>
> --
> Gadi Evron,
> ge () linuxbox org.
>
> Blog: http://gevron.livejournal.com/
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.