Join us in Wellington 4th December and Auckland 27th November
Want to help us test an ads-free Geekzone? Register for webpass now

Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.
Symantec and Microsoft work together to disrupt botnet
Posted on 8-Feb-2013 13:22. | Tags Filed under: News.

Symantec and Microsoft have joined forces to successfully tackle the Bamital botnet, which helped cyber gangs steal more than US$1.1 million annually.

Symantec has been tracking this botnet since late 2009 and recently partnered with Microsoft to identify and shut down all known components vital to the botnet's operation.

Bamital is a malware family whose primary purpose is to hijack search engine results, redirecting clicks to an attacker controlled command-and-control (C&C) server. The C&C server redirects the results to websites of the attackers' choosing.

Bamital also has the ability to click on advertisements without user interaction. This results in poor user experience when using search engines along with an increased risk of further malware infections.

The malware’s origin can be tracked back to late 2009 and has evolved through multiple variations over the past couple of years. Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks.

From analysis of a single Bamital C&C server over a six-week period in 2011 we were able to identify more than 1.8 million unique IP addresses communicating with the server, and an average of three million clicks being hijacked on a daily basis.

Recent information from the botnet shows the number of requests reaching the C&C server to be well over one million per day.

Clickfraud, the name used for the type of fraud committed by Bamital, is the process of a human or automated script emulating online user behaviour and clicking on online advertisements for monetary gain.

Bamital redirected end users to ads and content which they did not intend to visit. It also generated non-human initiated traffic on ads and websites with the intention of getting paid by ad networks. Bamital was also responsible for redirecting users to websites peddling malware under the guise of legitimate software.

Bamital is just one of many botnets that utilise clickfraud for monetary gain and to foster other cybercrime activities. Many of the attackers behind these schemes feel they are low risk as many users are unaware that their computers are being used for these activities.

More information:
comments powered by Disqus

Trending now »

Hot discussions in our forums right now:

A 17 second violation of airspace? Is Turkey nuts?
Created by DaveB, last reply by MikeB4 on 25-Nov-2015 22:14 (42 replies)
Pages... 2 3

Has Trade Me had its day?
Created by Rikkitic, last reply by DarthKermit on 25-Nov-2015 18:27 (86 replies)
Pages... 4 5 6

Huawei and 2degrees Nexus 6P 64/128 GB offer for Geekzone users
Created by freitasm, last reply by Sheagae on 25-Nov-2015 15:46 (645 replies)
Pages... 41 42 43

Chorus not knowing where their wires go.
Created by jpoc, last reply by MikeAqua on 25-Nov-2015 12:40 (15 replies)

Google Nexus 6P Owners Discussion
Created by Finch, last reply by dcstz on 25-Nov-2015 23:16 (311 replies)
Pages... 19 20 21

iPhone 6S 64GB Dead Pixel
Created by TimA, last reply by tardtasticx on 25-Nov-2015 23:16 (12 replies)

Item missing in the mail, vendor sends an extra invoice.
Created by michael001, last reply by keewee01 on 25-Nov-2015 12:51 (25 replies)
Pages... 2

DSE 'Click and Collect'
Created by amiga500, last reply by amiga500 on 24-Nov-2015 20:22 (11 replies)