Malware

CERT Polska tracks nosedive in Gameover Zeus traffic

On Tuesday, just a day after law enforcement announced an international effort to disrupt the Gameover Zeus botnet, CERT Polksa released early indicators that malicious traffic linked to the trojan had dropped significantly.

On Twitter, the computer emergency response team (CERT) shared a chart mapping the malicious traffic coming from infected botnet computers. Starting last Friday, the chart showed the number of sent packets per minute dove well below 500, as opposed to the earlier 1,000 to 2,000 range. By Saturday, it appeared that the incoming packets remained in the low hundreds or close to zero.

Disruption of the Gameover botnet coincided with federal prosecutors announcing criminal charges against the suspected botnet administrator, Evgeniy Bogachev, who remains at large. Prosecutors estimated that the botnet consisted of a network of 500,000 to one million infected computers running the Windows platform.

Related

Rootkit capabilities likely with Windows bugs

Several rootkit-like capabilities could be obtained by threat actors through the exploitation of vulnerabilities in Windows' DOS-to-NT path conversion process, including file and process concealment and compromised prefetch file analysis, reports The Hacker News.

Abusing GitHub flaw could compromise GitLab

Open-source DevOps software project GitLab has also been impacted by the same security issue in GitHub comments that has been exploited by threat actors through Microsoft repository-linked URLs to facilitate the distribution of malware that was made to seem to originate from credible entities' official source code repositories, according to BleepingComputer.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.