Microsoft and Interpol together for the takedown of the Simda botnet

Microsoft and Interpol have worked together to stop a malware infection (Simda) that has compromised over 770,000 Windows computers around the world.

Simda is “pay-per-install” software: scammers pay a certain amount of money for every 1,000 infected computers. So hackers earn quite a bit of cash from selling infected computers, and the crooks behind the scam are growing their botnet, constantly adding new infected computers.

Once installed, the Simda malware is programmed to run after every startup of the infected system. It shuts down any antivirus software and logs the user's keystrokes so that it can steal … and other sensitive information. The malware also downloads and executes banking Trojans and other malware.

It opens a backdoor to communicate with the command-and-control server, so it can take orders from the mastermind behind the malicious software and send back all the stolen data.

The botnet was spread through compromised legitimate websites, which sent their visitors to websites hosting exploit kits.

The most affected countries were the United States, the United Kingdom, Russia, Canada and Turkey, although Simda had spread its tentacles all over the world. The overwhelming majority of victims were in the US, where there were more than 90,000 new infections since the beginning of 2015 alone.

The raids began last Thursday and resulted in the … of 10 command-and-control servers in the Netherlands, the US, Russia, Luxembourg and Poland. Officers from the Dutch National High Tech Crime Unit (NHTCU), the FBI in the US, and the Russian Cybercrime Department “K”, supported by the Interpol Central Bureau in Moscow, took part in the operation.

Security companies Trend Micro and Kaspersky Lab helped the authorities with their expertise in locating the systems. The raid appears to have effectively destroyed the botnet by removing the servers that sent commands to infected PCs.

The takedown of the Simda botnet came after the "dismantling" of the Beebone botnet, which took place last week.

iGuRu.gr The Best Technology Site in Greece


Written by Dimitris
