Back in early June Microsoft announced
it had taken down the GameOver Zeus botnet, in an effort to protect
customers. But, thwarting the internet bad guys is much more difficult
in practice than it is in theory. Now security researches claim the
phoenix is rising from its ashes.
The folks at Arbor Networks, a security research firm, have been keeping regular tabs,
and have noted a sudden and very rapid growth. The rise is actually due
to a new variant that seems to be spreading quickly, but has become
most prevalent in the US.
The firm tracked the variant, known as "newGOZ", through the final two
weeks of July. In the short period between July 14th and 25th the firm
saw a rise from 127 victims to an astonishing 8,494. However the final
check, on July 29th, actually showed a nice drop-off of 27 percent,
which should be encouraging for all.
But before you get too excited about that reprieve, Arbor points out "as
with all sinkhole data, many variables can affect the accuracy of
victims such as network topology (NAT and DHCP), timing, and other
security researchers. However, we feel that the data provides a good
estimation of the current scope of this new threat".
Not a single continent, excepting Antarctica, was safe from the
infestation, though North America, especially the US, ranked quite a bit
higher than other victims. In fact the US accounted for 44 percent of
the victims, followed by India at 22 percent. The UK finished third in
this race nobody wishes to run, coming in at 10 percent.
The researchers conclude with several questions regarding this new
threat -- will the perpetrators continue using this attack? If so, will
it continue to grow? Will those behind it return to the original P2P
version, which had a higher infection rate?
~ Alan Buckingham
0 comments:
Post a Comment