
Thread: Botnet: The Cash Machine

  1. #1
    A Khan (Moderator), joined Nov 2012

    Botnet: The Cash Machine

    Cyber criminals are now relying on a zombie army made up of our PCs to rake in millions of dollars. Is your PC part of the army?

    Germany was hit by a tiny shock wave in January when news of the theft of 16 million login data records of emails and other accounts was leaked. The BSI (The Federal Office for Information Security) received the data records that came from a botnet focusing on data theft.

    The commotion over the theft has now subsided, but this is not good; “the botnet method is not a new one, but is still ubiquitous and must not be underestimated”, says Candid Wüest, threat researcher at Symantec. There is a good chance that your computer or smartphone too is a part of a botnet.

    In 2012 alone, there were 5,291 security loopholes in PCs and 415 in mobile devices, which attackers could take advantage of to install malicious code. Once malware is inside a computer, criminals can remotely control and misuse your devices or even steal access data. These “zombie” PCs are the multifunctional army of the cyber underworld and bring in millions into their piggy banks.

    On behalf of third parties that are willing to pay, the attackers can bring providers to their knees. The Anti-DoS service CloudFlare registered a data flood of 400 Gbps in an attack on its servers; only a devious botnet attack, mostly made with the intention of blackmail, can generate such a bandwidth. With regard to the Bamital botnet last year, the cyber criminals manipulated search engine requests on the zombie computers and concealed an ad link in every URL.

    The outcome: about three million clicks and US$2,700 (RM8,740) per day. The Bitcoin mining botnet ZeroAccess was even more lucrative. In this case, more than 1.9 million PCs lent their computing power to the cyber gangsters and the estimated profit is about US$100,000 (RM323,700) per day.

    Distribution of the ZeroAccess botnet

    Manipulated ad URLs and Bitcoin mining made the operators of the ZeroAccess botnet rich. The illustration shows where the zombie PCs came from.


    Gateways for botnet viruses
    The most malicious codes were installed in 2012 through the zero day loopholes in the Java tool.


    How criminals earn millions through botnets
    The most difficult task is to get a malicious code onto a PC. Once the criminals manage to do that, they can take complete control of a computer from a remote place which can also be on the other side of the globe.

    Command & Control server

    All connected zombie PCs are stored in a database. The operators then send instructions using management software.

    Botnet Trojans

    Malware is installed in PCs through a loophole in the programme (see bottom on the left page). It then waits there for commands from the C&C servers.


    Distributed Denial of Service attacks can paralyse even large websites. To accomplish this task, zombie PCs send huge volumes of requests to the web server, which then gets paralyzed due to thousands of participating PCs.

    Bitcoin Mining

    With adequate computing power, the electronic currency can be calculated and exchanged for hard currency. Criminals draw this enormous computing power from millions of zombie PCs.

    Sending of spam

    Email services are quick to notice if an IP address is sending millions of spam and phishing mails. That’s why cyber criminals send these through hundreds of thousands of IP addresses in the botnet.


    Depending on the purpose of use, the illegal botnets used by cyber criminals can be powerful spammers, data loggers or attack monsters.

  2. #2
    Junior Member, joined May 2014
    Customers on the French Orange mobile network have had their personal data stolen by hackers, meaning that their names, email addresses, date of birth and phone numbers are in someone else's care.

    Orange hasn't said whether or not the data was encrypted - not helpful - and it has warned customers to watch out for possible phishing attempts via email, SMS or over the phone. It's not brilliant news for Orange, with the firm having experienced a similar attack already this year.

    Nearly every week, we hope that we have no hacking stories to relay to you and nearly every week, we are just as disappointed to note that we have at least one major hack to write about. Sigh.

  3. #3
    Junior Member, joined Apr 2016
    What's illegal is still illegal
