작업 참가자는 Microsoft가 ZLoader 봇넷의 인프라를 제거한 방법을 설명했습니다.

헬가 스미스4 월 21, 2022마지막 업데이트: 4 월 21, 2022
19 1 분 읽기

Last week, 마이크로 소프트, ESET, 검은 연꽃 연구소, Palo Alto Networks, Health-ISAC and Financial Services-ISAC took control of the infamous ZLoader botnet following an injunction issued by the U.S. Court for the Northern District of Georgia.

포티넷, the company seized control of 65 hard-coded domains that ZLoader operators use to control the botnet, 게다가 319 more DGA-registered domains that the hackers used to create redundant communication channels.

The ZLoader botnet consists of computing devices in businesses, hospitals, schools and homes around the world and is operated by an international criminal group that offers malware as a service (MaaS) designed to steal and extort money. During the investigation, we found that one of the perpetrators of creating a component used in the ZLoader botnet to distribute ransomware is Denis Malikov, who lives in the city of Simferopol on the Crimean peninsula. We decided to name the person linked with this case to make it clear that cybercriminals are not allowed to hide behind online anonymity to commit their crimes.전문가들은 말한다.

Let me remind you that around the same time, another Botnet 못쓰게 만들다 Attacks More Than 100 피해자 일일.

Zloader (미국과 영국 정부는 이에 대해 경고했다. Terdot 또는 DELoader) is a well-known banking Trojan that was first discovered back in August 2015 during attacks on clients of several British financial companies. Its capabilities include capturing screenshots, harvesting cookies, stealing credentials and banking information, conducting reconnaissance on the device, triggeringpinningmechanisms on the device, providing remote access to attackers, 등등. The malware is almost entirely based on the source code of the Zeus 트로이 사람, which leaked over a decade ago.

At first, the malware was actively used to attack banks around the world, from Australia and Brazil to North America, and its ultimate goal was to collect financial data using web injections and social engineering in order to trick infected bank customers into giving up their authentication codes and credentials.

But in recent years, Zloader has evolved to include many other features, such as being able to act as a backdoor and give hackers remote access to an infected system, and it can also be used as a malware loader and to install additional payloads.

마이크로소프트와 ZLoader 봇넷
ZLoader Attack Scheme

하나, cybercriminality does not stopwe recently reported that 미국과 영국 정부는 이에 대해 경고했다. botnet attacks 미국과 영국 정부는 이에 대해 경고했다. 라우터.

Errol Weiss
Errol Weiss

Health-ISAC’s Chief Security Officer Errol Weiss said that legal solutions, such as the one that led to the fall of the ZLoader infrastructure, are being prepared in large-scale cooperation with a wide variety of organizations, including those affected by attacks by cybercriminals. 예를 들면, such as Health-ISAC.

Weiss told SC Media that, 사실로, 마이크로 소프트 has gone to court to grant them ownership of the infrastructure used by the bot.

They created a legal and technical strategy, combined, to use civil lawsuits filed against criminal gangs, botnet operators. They’d use the civil lawsuits, racketeering laws, and copyright law to show that those botnets were causing immediate harm to their customers. You can imagine all of the politics and socialization that had to happen in the background to make this happen.Errol Weiss said.
태그
헬가 스미스4 월 21, 2022마지막 업데이트: 4 월 21, 2022
19 1 분 읽기

헬가 스미스

저는 항상 컴퓨터 과학에 관심이있었습니다, 특히 데이터 보안 및 테마, 요즘은 "데이터 과학", 10 대 초반부터. 편집장으로 바이러스 제거 팀에 오기 전, 저는 여러 회사에서 사이버 보안 전문가로 일했습니다., 아마존 계약자 중 한 명 포함. 또 다른 경험: 나는 Arden과 Reading 대학에서 가르치고 있습니다..

회신을 남겨주

이 사이트는 스팸을 줄이기 위해 Akismet 플러그를 사용. 귀하의 코멘트 데이터가 처리되는 방법 알아보기.

맨 위로 버튼