
Polymorphic Beebone botnet sinkholed in international police operation


Jasper_The_Rasper
Moderator
Posted on 09 April 2015. On April 8, a global operation targeted the Beebone (also known as AAEH) botnet, a polymorphic downloader bot which installs various forms of malware on victims’ computers.

Initial figures show that over 12,000 computers have been infected, however it is likely there are many more. The botnet does not seem the most widespread, however the malware is a very sophisticated one, allowing multiple forms of malware to compromise the security of the victims’ computers.

2 replies

Jasper_The_Rasper
Moderator
It is good to see teamwork making a difference.
 
9th April 2015  By Sara Peters
 
Also, like Tovar and recent operations that disrupted Shylock and Hikit, Operation Source tapped the resources of a wide variety of organizations. In addition to the Dutch National High-Tech Crime Unit, agents from the FBI, Europol’s European Cybercrime Centre (EC3) and the Joint Cybercrime Action Taskforce, and the National Cyber Investigative Joint Task Force worked on the effort. The private sector helped too, with researchers from Intel Security, Kaspersky Labs, and Shadowserver providing support.
 
What makes this case a bit different is that Beebone isn't nearly as widespread as some of the prior targets. Although Europol's announcement today states "it is likely there are many more," the estimate is that there are only about 12,000 Windows client and server machines infected with Beebone (most of which are in the United States).
 


Beebone deboned by the Joint Cybercrime Action Taskforce


10 Apr 2015 at 10:02, Alexander J Martin
 
A sophisticated botnet has been neutered by a consortium starring the Dutch National High Tech Crime Unit and the Joint Cybercrime Action Taskforce.
The botnet, known by a number of names, including AAEH and Beebone, was a "polymorphic downloader bot" which installed various forms of malware on victims’ computers.
Like an organic virus, the botnet reproduced modified versions of itself at a furious pace, thus in its own way evolving to avoid anti-virus software and to disable processes which could have been used to shut it down.
Talking to The Register, Raj Samani, Chief Technology Officer at Intel Security, said: "We've observed it issue new variations of itself at least six times a day, usually more often."
"It is called a polymorphic downloader because it constantly issues these different morphs," added Samani, "and because it downloads other forms of malware rather than assuming the malware functions itself."
 
