Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 


Symantec and Microsoft Tackle Click Fraud Botnet

Symantec and Microsoft Tackle Click Fraud Botnet

Symantec and Microsoft have joined forces to successfully tackle the Bamital botnet, which helped cyber gangs steal more than US$1.1 million annually.

Symantec has been tracking this botnet since late 2009 and recently partnered with Microsoft to identify and shut down all known components vital to the botnet's operation.

Bamital is a malware family whose primary purpose is to hijack search engine results, redirecting clicks to an attacker controlled command-and-control (C&C) server. The C&C server redirects the results to websites of the attackers' choosing.

Bamital also has the ability to click on advertisements without user interaction. This results in poor user experience when using search engines along with an increased risk of further malware infections.

The malware’s origin can be tracked back to late 2009 and has evolved through multiple variations over the past couple of years. Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks.

From analysis of a single Bamital C&C server over a six-week period in 2011 we were able to identify more than 1.8 million unique IP addresses communicating with the server, and an average of three million clicks being hijacked on a daily basis.

Recent information from the botnet shows the number of requests reaching the C&C server to be well over one million per day.

Clickfraud, the name used for the type of fraud committed by Bamital, is the process of a human or automated script emulating online user behaviour and clicking on online advertisements for monetary gain.

Bamital redirected end users to ads and content which they did not intend to visit. It also generated non-human initiated traffic on ads and websites with the intention of getting paid by ad networks.

Bamital was also responsible for redirecting users to websites peddling malware under the guise of legitimate software. The following video illustrates how Bamital exploits the online advertising model: http://www.symantec.com/tv/allvideos/details.jsp?vid=2142222223001&subcategory=security_response&pid=1

Bamital is just one of many botnets that utilise clickfraud for monetary gain and to foster other cybercrime activities. Many of the attackers behind these schemes feel they are low risk as many users are unaware that their computers are being used for these activities.

This takedown sends a message to those attackers that these clickfraud operations are being monitored and can be taken offline.

For further details on Bamital's activities you can download a copy of our whitepaper.

Details on recovering from a Bamital infection are available here: http://www.norton.com/bamital. Users of up-to-date Symantec security products are protected against Bamital and its variants.

Symantec Security Response would like to acknowledge Spain's Civil Guardia, Catalunyan CERT (CESICAT), and Microsoft for assisting us in understanding and ultimately bringing this botnet to its demise.

ends

© Scoop Media

 
 
 
 
 
Business Headlines | Sci-Tech Headlines

 

Sky City : Auckland Convention Centre Cost Jumps By A Fifth

SkyCity Entertainment Group, the casino and hotel operator, is in talks with the government on how to fund the increased cost of as much as $130 million to build an international convention centre in downtown Auckland, with further gambling concessions ruled out. The Auckland-based company has increased its estimate to build the centre to between $470 million and $530 million as the construction boom across the country drives up building costs and design changes add to the bill.
More>>

ALSO:

RMTU: Mediation Between Lyttelton Port And Union Fails

The Rail and Maritime Union (RMTU) has opted to continue its overtime ban indefinitely after mediation with the Lyttelton Port of Christchurch (LPC) failed to progress collective bargaining. More>>

Earlier:

Science Policy: Callaghan, NSC Funding Knocked In Submissions

Callaghan Innovation, which was last year allocated a budget of $566 million over four years to dish out research and development grants, and the National Science Challenges attracted criticism in submissions on the government’s draft national statement of science investment, with science funding largely seen as too fragmented. More>>

ALSO:

Scoop Business: Spark, Voda And Telstra To Lay New Trans-Tasman Cable

Spark New Zealand and Vodafone, New Zealand’s two dominant telecommunications providers, in partnership with Australian provider Telstra, will spend US$70 million building a trans-Tasman submarine cable to bolster broadband traffic between the neighbouring countries and the rest of the world. More>>

ALSO:

More:

Statistics: Current Account Deficit Widens

New Zealand's annual current account deficit was $6.1 billion (2.6 percent of GDP) for the year ended September 2014. This compares with a deficit of $5.8 billion (2.5 percent of GDP) for the year ended June 2014. More>>

ALSO:

Still In The Red: NZ Govt Shunts Out Surplus To 2016

The New Zealand government has pushed out its targeted return to surplus for a year as falling dairy prices and a low inflation environment has kept a lid on its rising tax take, but is still dangling a possible tax cut in 2017, the next election year and promising to try and achieve the surplus pledge on which it campaigned for election in September. More>>

ALSO:

Job Insecurity: Time For Jobs That Count In The Meat Industry

“Meat Workers face it all”, says Graham Cooke, Meat Workers Union National Secretary. “Seasonal work, dangerous jobs, casual and zero hours contracts, and increasing pressure on workers to join non-union individual agreements. More>>

ALSO:

Get More From Scoop

 
 
Standards New Zealand

Standards New Zealand
 
 
 
 
 
 
 
 
Business
Search Scoop  
 
 
Powered by Vodafone
NZ independent news