Dutch National Crime Squad announces takedown of dangerous botnet

The High Tech Crime Team (THTC) of the National Crime Squad today announced the takedown of a dangerous botnet. The botnet had infected at least 30 million computers worldwide. The botnet was part of the Bredolab network, used by cybercriminals to distribute malware to unsuspecting users’ computers.

Working in close collaboration with a Dutch hosting provider; the Dutch Forensic Institute (NFI), the internet security company GOVCERT.NL and Fox IT, the Dutch computer emergency response team has now seized and disconnected 143 computer servers from the internet.

Bredolab is a Trojan horse computer virus that secretly attaches to the computers of users, when they browse certain infected web sites. Once the virus is on a computer a “backdoor” is secretly opened to allow the download of additional malicious software without the user’s knowledge. The Bredolab virus initially infects a computer when a user clicks on an email attachment containing the virus or installs itself automatically after a user visits an infected website.

Once installed a Bredolab virus takes complete control of the infected computer. The virus has the power to obtain information on the user’s computer including the ability to copy, change or delete files and other information. In addition, passwords and user financial data are stolen. Cybercriminals are able to monitor the activity of infected computer users by recording keystrokes.

Bredolab viruses are a dangerous threat, creating a high risk for computer users. In the past user of the social networks Facebook and MySpace have been attacked by Bredolab viruses.

The botnet network used servers hired in the Netherlands from a reseller of LeaseWeb, which is the largest hosting provider in the Netherlands, and one of the largest hosts in Europe. LeaseWeb fully cooperated in eradicating the issue from its network, as part of its Community Outreach program. The Dutch High Tech Crime Team discovered this botnet system in the late summer. During its investigation, the Team determined that the network was capable of infecting 3 million computers a month. At the end of 2009 it was estimated that 3.6 billion emails with Bredolab virus payloads were sent daily to unsuspecting computer users.

Users of computers with viruses from this network will receive a notice of at the time of next login with information on the degree of infection. They will receive helpful advice on removing the viruses from their system. This information will be provided in collaboration with GOVCERT.NL, Fox IT, and the National Criminal Investigation Service of the National Police Agency (KLPD).

The High Tech Crime Team focuses on the detection of the makers and distributors of Bredolab, and related forms of malware. Often these cybercriminals take refuge in Eastern Europe.

Gerelateerde berichten:

• Wanted botnet mastermind held in Armenia (26/10/10 19:22)
• Nationale Recherche haalt berucht botnet neer (25/10/10 20:00)
• Nederlandse recherche legt botnet lam (26/10/10 12:54)
• Brein achter berucht botnet aangehouden in Armenië (26/10/10 14:19)
• Brein achter berucht botnet aangehouden in Armenië (28/10/10 04:14)

Reacties:

Er zijn nog geen reacties op dit bericht.