Suspected Bredolab worm mastermind arrested in Armenia

  • Suspected Bredolab worm mastermind arrested in Armenia

    A 27-year-old Armenian citizen, suspected of masterminding a computer worm that infected at least 30m computers worldwide, stealing financial information and sending out billions of malicious emails, has been arrested.

    Police in the Netherlands have seized and disconnected 143 computer servers that were being used by cybercriminals to co-ordinate one of the largest "botnet" attacks ever recorded. The malicious worm, named Bredolab, could infect up to 3 million computers a month and send out more than 3.6 billion infected emails a day.

    Infected machines will receive a notice detailing the extent of damage inflicted and advice on removing it at the time of the next login, the Dutch national crime squad confirmed.

    The 143 servers being used as a base for the attack are owned by the Dutch hosting provider LeaseWeb. The company identified the malicious use of a small portion of its servers in the summer, a day before Dutch authorities ordered LeaseWeb not to immediately destroy the botnet so that it could be forensically investigated.

    Today, Dutch police confirmed that an Armenian citizen, aged 27, has been arrested as the suspected mastermind behind the Bredolab network. Police declined to reveal the gender of the suspect, who was arrested at Yerevan airport on Monday evening and is being held in Armenia.

    Dutch authorities today said that the suspect made several attempts to retain control of the botnet after police seized and disconnected its servers.

    As a last throw of the dice, authorities said the suspect used 220,000 infected computers to orchestrate a so-called "distributed denial of service" (DDoS) attack against LeaseWeb.

    A typical email sent out by a Bredolab-infected machine would contain "news" of the death of a celebrity and invite recipients to open the attached file. Once the attachment is opened the machine becomes infected.

    The Bredolab virus takes complete remote control of a computer and has the ability to obtain sensitive information by recording keystrokes, accessing files, passwords and a user's financial data. Previously, cybercriminals have targeted users of the social networking sites Facebook and MySpace with the Bredolab worm.

    Early indications from security experts suggest that Bredolab has been almost completely stopped in its tracks by the actions of the Dutch police. Prior to 29 September, Trend Micro recorded an average of 200 Bredolab samples a day from its monitors – that figure fell dramatically to just four a day after this date.

    Alex De Joode, head of security at LeaseWeb, one of Europe's largest hosting providers, said the botnet had evaded detection because of its "highly sophisticated" method of lying under the radar.

    "Basically, this was a factory where you could buy, for example, 10,000 infections in the UK and a cybercriminal could upload a trojan or piece of software that could infect RBS or any bank and go on to attack British IP addresses," he said.

    "It is very significant, as the malware writer could specifically target their audience. Instead of sending an RBS trojan to Uzbekistan, they could direct it to the UK. It was also highly sophisticated because the interaction went through proxies, so there was no connection through LeaseWeb – it did not arouse suspicion because there was no irregular traffic patterns."

    De Joode said it was hard to estimate the scale of the damage done, or the amount of sensitive information collected, by those behind the attack at this stage, saying it was only clear that 30m computers around the world are capable of spreading the malware.

    Rik Ferguson, a senior security advisor at Trend Micro, said that his analysts tracked down the origination of Bredolab to Russia.

    "Bredolab was truly a global criminal distribution software network," he said. "It rose very quickly in prominence around August 2009, so we set up monitoring straight away. Interestingly, [Bredolab] tried pretty much every avenue possible to infect machines – including 'drive-by downloads', and installing other malware."

    An Armenian citizen is thought to be behind the Bredolab worm, which infected 30m computers worldwide and stole financial information

  • #2
    Re: Suspected Bredolab worm mastermind arrested in Armenia

    Only in certain ethnic groups, hackers can be formed, like Armenians, Italians, Je-ws. Dutch, Germans and French people don't have criminal hackers. A wise kitten told me that once


    • #3
      Re: Suspected Bredolab worm mastermind arrested in Armenia

      Originally posted by Tigranakert
      Only in certain ethnic groups, hackers can be formed, like Armenians, Italians, Je-ws. Dutch, Germans and French people don't have criminal hackers. A wise kitten told me that once
      In the good old days, he would have been a hero. Now the one world government rats out their own kind. Sad. If he was stealing from Swiss banks it would be like stealing from thieves
      "Nobody can give you freedom. Nobody can give you equality or justice or anything. If you're a man, you take it." ~Malcolm X
