Re: Finjan botnet story - fact or fiction?

[Rich Kulawiec <rsk () gsp org>]

On Wed, Apr 22, 2009 at 12:16:58PM -0700, Paul M. Moriarty wrote:
> Finjan's Chief Technology Officer has told the Financial Times that  
> six people based in Ukraine are suspected of compromising 1.9 million  
> computers worldwide in just two months ? many of them in the U.S. "

In other news, the sun rose in the east this morning.

This is a routine occurence, and has been for years.  Back around
2003-2004, Chris Lewis reported (on NANAE) that the CBL had days when
it detected 200K to 300K new zombies.  Picking an arbitrary number
well below that rate (100K/day) still yields 6M in two months.

Now of course those weren't all controlled by one person (or group
of persons), but that's merely a detail; control of hijacked systems
frequently passes from one entity to another, either as part of a
business arrangement, or because an already-compromised system is
sometimes more vulnerable to another compromise.

---Rsk
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.