funsec mailing list archives

Re: Finjan botnet story - fact or fiction?


From: "Alex Lanstein" <alanstein () FireEye com>
Date: Wed, 22 Apr 2009 14:34:29 -0700

Are there any Finjan folks on this list?  Is this the one you're talking
about?

POST /BwKqrtnzY7AguJ0L99rQft/index.php HTTP/1.1
Accept: */*
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Win32)
Host: 95.129.145.24
Content-Length: 271
Connection: Keep-Alive
Pragma: no-cache

.~...{.'?..t..b........T.=$0..{..HzM{YJi.2..=.9w(Fj.+3..P.zRB...R...=...`V8.w..!....N....Jh{.n..r:...U.^.W.....t.I.....[..n.'1ISq..t..#{...%+7K.IK.M
.v.x..5/,..I^.&H$i

Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 44
Connection: close
Content-Type: text/html; charset=UTF-8

.....{.'5..t..M.cM.Q,.q..v....{..HzMtYJi.2..


Paul M. Moriarty wrote:
http://www.cbsnews.com/blogs/2009/04/22/world/worldwatch/entry4960984.shtml

"The FBI and British law enforcement authorities are trying to hunt  
down hackers responsible for the largest botnet (robot network) ever  
known to the IT world, according to a California-based Internet  
security company.

Finjan's Chief Technology Officer has told the Financial Times that  
six people based in Ukraine are suspected of compromising 1.9 million  
computers worldwide in just two months — many of them in the U.S. "

[...]

"However, Rupert Goodwins editor of CBSNews.com's sister site  
ZDNet.com, says Finjan has offered no hard evidence to back up their  
claim of discovering the world's largest-ever botnet. "

[...]

So, another new, big botnet or RSA publicity-seeking hype?

- Paul -


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.



-- 
Regards,

Alex Lanstein
Network/Systems Architect
FireEye, Inc.
http://blog.fireeye.com
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.


Current thread: