Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

New Waledec Botnet Variant Sniffs Passwords

wiredmikey (1824622) writes | more than 2 years ago

Botnet 0

wiredmikey (1824622) writes "The Waledec botnet, which was taken down in 2010 by Microsoft, was responsible for more spam delivery than any other botnet in its class with a reach of about 1.5 billion emails a day. Earlier this month, researchers at Palo Alto Networks discovered a third variant of the botnet, and it was serving up more than just spam.

According to the researchers, this new version includes the ability to sniff user credentials for FTP, POP3, SMTP, and steal .dat files for FTP and BitCoin, all of which can be uploaded to the botnet, and of course be very valuable for enabling further attacks.

While Palo Alto Networks discovered a third variant, following Microsoft’s takedown of Waledec, Shadowserver’s Steven Adair discovered a second variant in early 2011. A month later, researchers from malware intelligence firm Last Line were able to examine the botnet code and discovered 123,920 FTP account credentials. In addition to the FTP access, they discovered nearly 500,000 credentials used for POP3 services.

Just last week Symantec noticed Waledac spreading spam in what appears to have been an attempt at political activism.

So while the original botnet has been taken down and remains under the control of Microsoft, thse new variant pose new risks to users and organizations."

Link to Original Source

Sorry! There are no comments related to the filter you selected.

Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?