Eskenzi PR Eskenzi PR
  • About Us
Sunday, 7 March, 2021
IT Security Guru
Eskenzi PR
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

770,000 strong Simda botnet disrupted in global effort

by The Gurus
April 13, 2015
in Editor's News
Share on FacebookShare on Twitter

In a global operation coordinated by the INTERPOL Global Complex for Innovation in Singapore, a group of leading IT companies and law enforcement agencies have disrupted the Simda botnet.
Including a network of thousands of infected PCs around the world, the SIMDA malware collects information about an affected system, checks for the presence of certain processes, including those used for malware analysis and modifies HOSTS files, which redirects users to malicious sites whenever they try to access legitimate sites.
The botnet is believed to have infected and controlled 770, 000 computers worldwide, with the vast majority of victims located in the US (more than 90,000 new infections since the start of 2015).
In a series of simultaneous actions last week, ten command and control servers were seized in the Netherlands, with additional servers taken down in the US, Russia, Luxembourg and Poland. The operation involved officers from the Dutch National High Tech Crime Unit (NHTCU) in the Netherlands, the Federal Bureau of Investigation (FBI) in the US, the Police Grand-Ducale Section Nouvelles Technologies in Luxembourg and the Russian Ministry of the Interior’s Cybercrime Department “K” supported by the INTERPOL National Central Bureau in Moscow. Also involved were security firms including Kaspersky Lab, Microsoft, Trend Micro and Japan’s Cyber Defense Institute.
Simda worked as a “pay-per-install” malware which allowed cyber criminals to earn money by selling access to the botnet to other criminals who then installed additional programs on it. It was also used by a number of infected websites to redirect to exploit kits and the botnet has been seen in more than 190 countries, with the US and UK among the worst affected.
Sanjay Virmani, director of the INTERPOL Digital Crime Centre, said: “This successful operation highlights the value of, and need for partnerships involving national and international law enforcement and private industry in the fight against the global threat of cyber crime.
“The operation has dealt a significant blow to the Simda botnet.  INTERPOL will continue its work to assist member countries in protecting their citizens from cyber criminals and to identify other emerging threats.”
Vitaly Kamluk, principal security researcher at Kaspersky Lab, currently on secondment to INTERPOL, said that the collaborative effort of both private and public sectors is crucial here, as every party makes its own important contribution to the joint project.
“In this case, Kaspersky Lab’s role was to provide technical analysis of the bot, collect botnet telemetry from the Kaspersky Security Network and advise on takedown strategies,” he said.

0 0 vote
Article Rating
FacebookTweetLinkedIn
Tags: BotnetMalwareTakedown
ShareTweetShare
Previous Post

FireMon completes acquisition of Immediate Insight

Next Post

NSA wants "front door" access to encryption

Subscribe
Notify of
guest
guest
0 Comments
Inline Feedbacks
View all comments

Recent News

Malaysia Airlines

Malaysia and Singapore Airlines Breached in Third Party Hacks

March 5, 2021
Fraud attempts skyrocketed in 2020 according to latest Financial Crime Report from Feedzai

Fraud attempts skyrocketed in 2020 according to latest Financial Crime Report from Feedzai

March 4, 2021

Top 10 awards to enter for cybersecurity 

March 3, 2021
Medal

Identity theft: US Congressional Medal of Honor

March 3, 2021

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Women in Cyber 2020
    • Women in Cyber 2020 [SPONSORS]
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

More information
wpDiscuz
0
0
Would love your thoughts, please comment.x
()
x
| Reply
Privacy Settings / PENDINGGDPR Compliance

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Accept