427 Botnet fm qxd

upon demand. Using other software, the Serv-U ftp server appears to
be Windows Explorer in Task Manager.The data is being stored in
hidden directories that can’t be reached using Windows.
■
SPIM
Spam for Instant Messaging. Bots have now been used to
send phishing attacks and links to Web sites that upload malicious
code to your PC.
An example SPIM message:
ATTENTION...Windows.has.found.55.Critical.System.Errors...
To fix the errors please do the following:..
1
Download Registry Update from: www.regfixit.com.
2
Install Registry Update
3
Run Registry Update.
4
Reboot your computer
FAILURE TO ACT NOW MAY LEAD TO SYSTEM FAILURE!
McAfee’s Site Advisor flags the aforementioned site as one that uploads
malicious code.
Cases in the News
With bot authors publishing so many variants, you would think that it might
be easier to eventually catch some of these people. And you would be right.
“THr34t-Krew”
In February 2003, Andrew Harvey and Jordan Bradley (two authors of TK
worm), a GT Bot variant, were arrested in County Durham, in the U.K.The
U.K.’s National Hi-Tech Crime Unit worked in conjunction with the United
States multiagency CATCH team (Computer and Technology Crime Hi-
Tech Response Team). According to the NHTCU, the two men were mem-
bers of the International Hacking group “THr34t-Krew.” Rick Kavanagh, in
an article on IT Vibe (www.itvibe.com), Oct 10, 2005, reported that “Harvey,
24, and Bradley, 22, admitted ‘conspiracy to cause unauthorized modification
of computers with intent,’ between 31 December 2001 and 7 February 2003.”
It’s estimated that the worm did £5.5 million, or approximately US$11 

Download 6,98 Mb.

Do'stlaringiz bilan baham: