Russian Gang Hijacking PCs in Vast Scheme
Posted on 08/06/2008 12:00:14 PM PDT by Perseverando
A criminal gang is using software tools normally reserved for computer network administrators to infect thousands of PCs in corporate and government networks with programs that steal passwords and other information, a security researcher has found.
The new form of attack indicates that little progress has been made in defusing the threat of botnets, networks of infected computers that criminals use to send spam, steal passwords and do other forms of damage, according to computer security investigators.
Several security experts say that although attacks against network administrators are not new, the systematic use of administrative software to spread malicious software has not been widely seen until now.
The gang was identified publicly in May by Joe Stewart, director of malware research at SecureWorks, a computer security firm in Atlanta. Mr. Stewart, who has determined that the gang is based in Russia, was able to locate a central program controlling as many as 100,000 infected computers across the Internet. The program was running at a commercial Internet hosting computer center in Wisconsin.
Mr. Stewart alerted a federal law enforcement agency that he declined to identify, and he said that it was investigating the matter. Although the original command program was shut down, the gang immediately reconstituted the system, he said, moving the control program to another computer in the Ukraine, beyond the reach of law enforcement in the United States.
The system infects PCs with a program known as Coreflood that records keystrokes and steals other information. The network of infected computers collected as much as 500 gigabytes of data in a little more than a year and sent it back to the Wisconsin computer center, Mr. Stewart said.
One of the unique aspects of the malicious software is that it captures screen information in addition to
(Excerpt) Read more at nytimes.com ...
They're probably part of Putin's "gang". The ChiComs have been doing the same thing: attacking U.S. government computers.
Another reason not to use your credit card over the internet. The flaw in the internet business model.
By the way, I ran across the article on Drudge today.
Will be unable to post further today. Freep on!
What happened to the good ol' days when gangs dealt in drugs and whores?
I got news for ya - nothing new and not only Russian -
I understand one way for protection is to copy/paste your passwords rather than keystrokes.
IPC can be hijacked just as easy...
The problem isn't the Internet.
The problem is that Windows machines (and every one of the members of the bot nets is a Windows machine) are inherently buggy and prone to malware like this.
All software has flaws. Windows has so many that an entire criminal industry has sprung up around the existence of so many flaws.