funsec mailing list archives
Re: ZeuS: ‘A Virus Known as Botnet’
From: Gadi Evron <ge () linuxbox org>
Date: Fri, 19 Feb 2010 15:37:30 +0200
On 2/19/10 3:26 PM, Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Spot on.
It's just yet another banking/phishing trojan with a remote drop zone. Gadi.
[snip] As a journalist who for almost ten years has sought to explain complex computer security topics to a broad audience, it’s sometimes difficult to be picky when major news publications over-hype an important security story or screw up tiny details: For one thing, Internet security so seldom receives more than surface treatment in the media that the increased attention to the issue often seems to excuse the breathlessness with which news organizations cover what may seem like breaking, exclusive stories. The trouble with that line of thinking is that an over-hyped story tends to lack important context that helps frame the piece in ways that make it more relevant, timely, and actionable, as opposed to just sensational. I say this because several major media outlets, including The Washington Post and the Wall Street Journal, on Thursday ran somewhat uncritical stories about a discovery by NetWitness, a security firm in Northern Virginia that has spent some time detailing the breadth of infections by a single botnet made up of PCs infected with ZeuS, a password stealing Trojan that lets criminals control the systems from afar. NetWitness found that this particular variant of the botnet, which it dubbed “Kneber,” had invaded more than 2,500 corporations and 75,000 computers worldwide. [snip] Much more: http://www.krebsonsecurity.com/2010/02/zeus-a-virus-known-as-botnet/ My favorite: "This is just some of the context that would have been nice to see in any of the mainstream press treatment of this research. From where I sit, security stories that lack appropriate context tend to ring hollow, and squander important opportunities to raise awareness on the size, scope and real-world impact of these threats." - - ferg -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.5.3 (Build 5003) wj8DBQFLfpGXq1pz9mNUZTMRAuy9AKCELOvvsBPnY/cCLcO4b4y/Xbeh+wCg4uFq Yq/n97/qyYLG2zKUOu/iJBw= =EM5Q -----END PGP SIGNATURE-----
-- Gadi Evron, ge () linuxbox org. Blog: http://gevron.livejournal.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- ZeuS: ‘A Virus Known as Botnet’ Paul Ferguson (Feb 19)
- Re: ZeuS: ‘A Virus Known as Botnet’ Gadi Evron (Feb 19)
- Re: ZeuS: 'A Virus Known as Botnet' Tomas L. Byrnes (Feb 19)
- Re: ZeuS: ‘A Virus Known as Botnet’ Gadi Evron (Feb 19)