Facebook Takes Down Botnet that Infected 250,000 Computers

Share it:
Social Networking giants Facebook have taken down a Greece Bitcoin Botnet that spread through Facebook and infected about 250,000 computers. On Tuesday Facebook threat team have posted that, Police in Greece had arrested two men last week, who are found in the connection with the spamming  botnet called "Lecpetex", which mined the virtual currency Litecoin.

Facebook have noted that the botnet had affected 50,000 Facebook accounts and 250,000 computers world wide. The count of infected users are mainly from Greece, India, Poland, Norway, Portugal and some regions of U.S.

The boot net was around from December 2013 and last month, affecting Facebook and other online services. Some of the victims received private messages containing a “.zip” attachment containing a Java JAR file or Visual Basic script.

The spam botnet was spreading though Facebook message as like LoL Jar file malware attachment, and when users download and opened the attached file, it would execute an embedded Java archive file that would download Lecpetex main module and install a program to begin Litecoin mining secretly on the infected computer, and at the same time, other malware sent out from the botnet would steal bitcoins, email passwords and internet banking details.

“The operators put significant effort into evading our attachment scanning services by creating many variations of the malformed zip files that would open properly in Windows, but would cause various scanning techniques to fail,” the team wrote.
 The Lecpetex botnet after executed, retrieve other malware modules stored on remote sites. The modules were either DarkComet, a widely used remote access tool that can harvest login credentials, or variants of software that mines the virtual currency Litecoin.

When the authors of botnet knew that the Facebook team is tracing back them, they started leaving notes on command-and-control servers, and saying they weren't involved in fraud.

Facebook team had reported the issue to the Greece Cyber Crime Team and Greece team have also shown their strong activeness on the case.

With the depth effort of Facebook and help of Greece team, Greece police have arrested both authors of the Lecpetex botnet,  a 31 years old and 27 years old. 
Share it:

Facebook

Malware

News

Security

Post A Comment:

0 comments:

Follow by Email