
SANS ISC: InfoSec Handlers Diary Blog


Microsoft disrupts traffic associated with the Nitol botnet

Published: 2012-09-13
Last Updated: 2012-09-13 13:53:56 UTC
by Mark Baggett (Version: 1)

There is an interesting article that was just published by Microsoft's Digital Crimes Unit. Attackers have been infecting manufacturer supply chains to spread their evil warez. Some unnamed manufacturers have been selling products loaded with "counterfeit versions of Windows software embedded with harmful malware." The article goes on to say that the "Malware allows criminals to steal a person’s personal information to access and abuse their online services, including e-mail, social networking accounts and online bank accounts. Examples of this abuse include malware sending fake e-mails and social media posts to a victim’s family, friends and co-workers to scam them out of money, sell them dangerous counterfeit drugs, and infect their computers with malware." Microsoft worked with law enforcement and began filtering traffic associated with the domain to disrupt the botnet's communications.

The full story is here:


Join me in San Antonio, Texas, November 27th for SANS 504 Hacker Techniques, Exploits and Incident Response! Register Today!!

Mark Baggett

Twitter: @MarkBaggett
