Botnets on the Loose

By Sue Poremba | Feb 3, 2011 | Print this Page
http://www.enterprisenetworkingplanet.com/netsecur/botnets-loose
Last fall, I wrote a blog post warning that 2011 could be the year of the botnet. Based on an e-mail that I received today, that prediction could be spot on.

First I heard from M86 Security Labs reporting on a new botnet called Donbot that is targeting Bank of America customers. According the company's blog:

This phishing trick is standard fare, as it claims to be from "Bank of America” and requires that the user to download the attachment and fill out a form for an "online security measure”.

The upside here is that Bank of America appears to be on top of this attack.

A short time later, I saw that SearchSecurity.com reported on the resurgence of the Waledac botnet, which was supposed to shut down after legal action from Microsoft last year. Robert Westervelt wrote:

Researchers at Santa Barbara, Calif.-based LastLine Inc. have been studying the Waledac botnet, and discovered a cache of nearly 124,000 login credentials to FTP servers and 500,000 credentials for POP3 email accounts.

Waledac, the article says, has ties to the Conflicker worm and produced 1.5 billion pieces of spam daily at its peak.

On the plus side, these are two botnets that aren't doing anything new and unusual (as M86 stated, botnets aiming to steal banking information at specific financial institutions are an on-going issue). Also, no news about new or returning botnets is good news.