Οι συμμετέχοντες της επιχείρησης είπαν πώς η Microsoft εξάλειψε την υποδομή του botnet ZLoader

Last week, Microsoft, ESET, Black Lotus Labs, Palo Alto Networks, Health-ISAC and Financial Services-ISAC took control of the infamous ZLoader botnet following an injunction issued by the U.S. Court for the Northern District of Georgia.

Η IBM X-Force εξέτασε επίσης το δείγμα Diavol και ανέφερε ότι είχαν βρει μια σειρά από νέα στοιχεία που συνδέουν τη Diavol με τους προγραμματιστές του TrickBot, the company seized control of 65 hard-coded domains that ZLoader operators use to control the botnet, καθώς 319 more DGA-registered domains that the hackers used to create redundant communication channels.

Let me remind you that around the same time, another Botnet γαμώ Attacks More Than 100 Θύματα Καθημερινά.

Zloader (Οι κυβερνήσεις των ΗΠΑ και του Ηνωμένου Βασιλείου προειδοποίησαν για το Terdot ή DELoader) is a well-known banking Trojan that was first discovered back in August 2015 during attacks on clients of several British financial companies. Its capabilities include capturing screenshots, harvesting cookies, stealing credentials and banking information, conducting reconnaissance on the device, triggering “pinning” mechanisms on the device, providing remote access to attackers, και ούτω καθεξής. The malware is almost entirely based on the source code of the Zeus γενναίο και φιλεργό άτομο, which leaked over a decade ago.

At first, the malware was actively used to attack banks around the world, from Australia and Brazil to North America, and its ultimate goal was to collect financial data using web injections and social engineering in order to trick infected bank customers into giving up their authentication codes and credentials.

But in recent years, Zloader has evolved to include many other features, such as being able to act as a backdoor and give hackers remote access to an infected system, and it can also be used as a malware loader and to install additional payloads.

ZLoader Attack Scheme

Ωστόσο, cybercriminality does not stop – we recently reported that Οι κυβερνήσεις των ΗΠΑ και του Ηνωμένου Βασιλείου προειδοποίησαν για το botnet attacks Οι κυβερνήσεις των ΗΠΑ και του Ηνωμένου Βασιλείου προειδοποίησαν για το δρομολογητές.

Health-ISAC’s Chief Security Officer Errol Weiss said that legal solutions, such as the one that led to the fall of the ZLoader infrastructure, are being prepared in large-scale cooperation with a wide variety of organizations, including those affected by attacks by cybercriminals. Για παράδειγμα, such as Health-ISAC.

Weiss told SC Media that, στην πραγματικότητα, Microsoft has gone to court to grant them ownership of the infrastructure used by the bot.