    Bredolab Down but Far from Out After Botnet Takedown

    By Brian Prince, October 28, 2010

      Authorities in the Netherlands made a media splash earlier this week when they announced the arrest of a man accused of running a massive botnet of Bredolab-infected PCs. But the impact of the takedown is not destined to last.

      Symantec told eWEEK Oct. 27 the company was still seeing e-mails containing the malware being spammed out. Likewise, researchers at Fortinet have reported seeing a new variant. All this despite the efforts by the Dutch National Crime Squad’s High Tech Crime Team and a host of partners.

      “Bredolab is a breed of pay-per-install malware – attackers can buy Bredolab infected bots in bulk, maybe 1,000 at a time, and install their chosen malware,” said Paul Wood, MessageLabs Intelligence senior analyst at Symantec Hosted Services. “Bredolab essentially just takes control of PCs, subsequently that resource may be used by some other attacker for more sinister purposes.”

      The gang behind Bredolab is making money from selling control of the PCs, Wood said.

      “Traditionally, attackers design their attack, something very specific, for example to steal personal information, or to try and create bots for a specific botnet,” he explained. “For attackers using this approach, the success rate is somewhat out of their control. But relatively recently, we have seen the emergence of malware threats like Bredolab – this malware [is] flexible but at its heart is designed simply to seize control of the victim’s PC. Later, this control can be used to download and install any malware – keyloggers, botnet, phishing, Fake AV [antivirus], and so on.”

      Derek Manky, project manager for cyber-security and threat research at Fortinet, said a new variant is in operation and contacting a command and control server in Russia.

      “We are monitoring this variant, and the C&C server is actively sending downloads to the infected clients,” he said. “Most of the downloads we are observing are new copies of the Grum/Tedroo spam bot, which is used to blast out spam mail. This variant was an update from a previous variant that we had, which contacted a C&C that has been taken offline. This may have been a reaction to update by the operators after the news in the Netherlands.”

      Pay-per-install downloaders like Bredolab allow attackers to buy control of machines knowing they can install their chosen malware on them with a 100 percent infection rate, Wood said.

      “It is likely that the authors of the threat are associated with affiliate schemes that are attempting to generate money through the distribution of malware,” he said. “The threat may also be used to help construct a bot network that can be sold or hired for monetary gain.”

      Still, disrupting 143 servers, as authorities did this week, is significant, Manky said.

      “It’s a big development since a large botnet has been dismantled, just like the Pushdo takedown around August and Zeus in September/October,” he said. “With that said, it is not the end of Bredolab.”
