Poland's CERT thwarts Virut botnet

Share this article:

Poland's Computer Emergency Response Team (CERT) has launched a takedown effort against the Virut botnet, a network of more than 300,000 infected computers worldwide.

Last Friday, the Poland-based NASK (Research and Academic Computer Network) announced that it took control of more than 23 domain names associated with the botnet, which consisted of nearly 900 infected machines in Poland last year. CERT operates under NASK.

Virut is a virus often used by attackers to spread other malware via a backdoor. Most recently, crooks used Virut to spread the Waledac worm, malware targeting users of Windows systems that sends spam from infected machines.  

The virus also distributed banking malware Zeus, according to NASK, which dubbed Virut “one of the most disturbing threats active on the internet” since 2006. 

“Interestingly, Virut's main distribution vector is executable file infection, and most users would get infected by using removable media or sharing files over networks,” said the message from NASK. “However, more recent versions of the malware have been capable of infecting HTML files, injecting an invisible IFRAME that would download Virut from a remote site.”

VirusTotal, a subsidiary company of Google that offers a free malware detection online service, and Spamhaus, a Geneva, Switzerland-based international nonprofit that provides real-time spam protection for networks, also aided in the NASK's actions to thwart the Virut botnet.

Share this article:

Sign up to our newsletters

More in News

In Cisco probe, misuse or compromise spotted on all firms' networks

In Cisco probe, misuse or compromise spotted on ...

Cisco analyzed the business networks of 30 multinational companies last year, and revealed the findings in its 2014 Annual Security Report.

Fareit trojan observed spreading Necurs, Zbot and CryptoLocker

The Necurs and Zbot trojans, as well as CryptoLocker ransomware, has been observed by researchers as being spread through another trojan, known as Fareit.

Post Heartbleed, tech giants join initiative to bolster open source

Post Heartbleed, tech giants join initiative to bolster ...

The newly formed Core Infrastructure Initiative, created to boost under-funded open source projects, will tackle OpenSSL first.