Continue reading »]]> Conficker worm could be ‘weaponized,’ web security researcher warns

November 2, 2009

http://www.mxlogic.com/securitynews/viruses-worms/conficker-worm-could-be-weaponized-web-security-researcher-warns574.cfm

In the year since the inception of the Conficker worm, a malicious strain of virus that has infected computers all over the globe, security researchers have tracked its spread to as many as 7 million machines.

Although internet security researchers at the Conficker Working Group advise that it is impossible to track the exact number of PCs infected by Conficker, the latest estimates put the worm’s spread at around the 7 million mark, a milestone in the making of a huge botnet, according to Computerworld.

Botnets are controlled by hackers, cyber criminals or sometimes governments for the purpose of launching spam, malware and distributed denial-of-service attacks (DDOS), which can overpower website servers with malicious traffic that slows or crashes websites.

As an element of cyber war, DDOS attacks require a large enough botnet to overpower defenses, according to security experts. Andre DiMino, co-founder of The Shadowserver Foundation, said a botnet the size of Conficker could be “weaponized” in a cyber attack.

“This is certainly a botnet that could be weaponized,” DeMino said, according to Computerworld. “When you have a net of this magnitude, the sky’s the limit in terms of what could be done.”

DDOS attacks launched last July shut down government, banking and commercial sites in the U.S. and South Korea. Smaller attacks have hit sites like Twitter, Facebook and news websites.

Continue reading »]]> With botnets everywhere, DDoS attacks get cheaper

By Robert McMillan ,

IDG News Service,

October 15, 2009

http://www.networkworld.com/news/2009/101509-with-botnets-everywhere-ddos-attacks.html?hpg1=bn

Cyber-crime just doesn’t pay like it used to.

Security researchers say the cost of criminal services such as distributed denial of service, or DDoS, attacks has dropped in recent months. The reason? Market economics. “The barriers to entry in that marketplace are so low you have people basically flooding the market,” said Jose Nazario, a security researcher with Arbor Networks. “The way you differentiate yourself is on price.”

Criminals have gotten better at hacking into unsuspecting computers and linking them together into so-called botnet networks, which can then be centrally controlled. Botnets are used to send spam, steal passwords, and sometimes to launch DDoS attacks, which flood victims’ servers with unwanted information. Often these networks are rented out as a kind of criminal software-as-a-service to third parties, who are typically recruited in online discussion boards.

DDoS attacks have been used to censor critics, take down rivals, wipe out online competitors and even extort money from legitimate businesses. Earlier this year a highly publicized DDoS attack targeted U.S. and South Korean servers, knocking a number of Web sites offline.

Are botnet operators having to cut costs like other businesses in these troubled economic times? Security researchers don’t know if that’s been a factor, but they do say that the supply of infected machines has been growing. In 2008, Symantec’s Internet sensors counted an average of 75,158 active bot-infected computers per day, a 31 percent jump from the previous year.

DDoS attacks may have cost hundreds or even thousands of dollars per day a few years ago, but in recent months researchers have seen them going for bargain-basement prices.

Nazario has seen DDoS attacks offered in the US$100-per-day range, but according to SecureWorks Security Researcher Kevin Stevens, prices have dropped to $30 to $50 on some Russian forums.

And DDoS attacks aren’t the only thing getting cheaper. Stevens says the cost of stolen credit card numbers and other kinds of identity information has dropped too. “Prices are dropping on almost everything,” he said.

While $100 per day might cover a garden-variety 100MB/second to 400MB/second attack, it might also procure something much weaker, depending on the seller. “There’s a lot of crap out there where you don’t really know what you’re getting,” said Zulfikar Ramzan, a technical director with Symantec Security Response. “Even though we are seeing some lower prices, it doesn’t mean that you’re going to get the same quality of goods.”

In general, prices for access to botnet computers have dropped dramatically since 2007, he said. But with the influx of generic and often untrustworthy services, players at the high end can now charge more, Ramzan said.