Russian Hacker Pleads Guilty to Ebury Botnet Role
A Russian hacker has pleaded guilty to playing a major role in building the infamous Ebury botnet, which helped to fraudulently generate millions of dollars.
Maxim Senakh, 41, of Velikii Novgorod, pleaded guilty on Tuesday to conspiracy to violate the Computer Fraud and Abuse Act and to commit wire fraud.
Along with co-conspirators, Senakh is said to have helped develop the Ebury malware, which targeted the log-ins of servers running Solaris, Linux and similar Unix-like operating systems.
It’s a rootkit/backdoor Trojan designed to steal SSH log-in credentials from incoming and outgoing SSH connections.
They then combined these remotely controlled servers into a botnet, monetizing it via click fraud and spam campaigns, according to the Department of Justice.
The scams apparently compromised tens of thousands of servers around the world and earned Senakh and his co-conspirators millions of dollars in the process.
“As part of the plea, Senakh admitted that he supported the criminal enterprise by creating accounts with domain registrars which helped build the Ebury botnet infrastructure and personally profited from traffic generated by the Ebury botnet,” noted the DoJ.
The Ebury malware leaped to notoriety in 2011 when it was used to hack the Linux Kernel...
Read the Full Article: https://www.infosecurity-magazine.com/news/russian-hacker-pleads-guilty-to/
FBI Warns on FTP Attacks to Access Medical, Dental Info
The FBI is warning of an concerted effort on the part of cyber-criminals to target medical and dental facilities via their File Transfer Protocol (FTP) servers.
Criminals are accessing protected health information (PHI) and personally identifiable information (PII) in order to intimidate, harass and blackmail business owners. The Feds said that the Bureau is aware of criminal actors who are actively targeting such facilities via insecure FTPs that are operating in “anonymous” mode.
“Research conducted by the University of Michigan in 2015 titled, ‘FTP: The Forgotten Cloud,’ indicated over 1 million FTP servers were configured to allow anonymous access, potentially exposing sensitive data stored on the servers,” the FBI said in its alert. “The anonymous extension of FTP allows a user to authenticate to the FTP server with a common username such as ‘anonymous’ or ‘ftp’ without submitting a password or by submitting a generic password or email address.”
While computer security researchers are actively seeking FTP servers in anonymous mode to conduct legitimate research, cyber-criminals could also use an FTP server in anonymous mode and configured to allow “write” access to store malicious tools or launch targeted cyberattacks.
“In general, any misconfigured or unsecured server operating on a business network on which sensitive data is stored or processed exposes the business to data theft...
Read the Full Article: https://www.infosecurity-magazine.com/news/fbi-warns-on-ftp-attacks/
Сообщение было изменено Mr.Pr: 29 Март 2017 - 16:14