Data-stealing 'Mumba' botnet hits 55,000 systems
A criminal gang has stolen over 60GB of data using a botnet that has infected around 55,000 computers around the world, according to a report from security company AVG.
The botnet, which AVG has dubbed 'Mumba', has compromised systems in the UK, as well as in the US, Germany and Spain, the company said in a report (PDF link) released on Monday. The stolen credentials found by AVG's researchers include bank account numbers, credit card details and social-networking logins.
"The Mumba botnet — so called because of some funky attributes our researchers found on the server — was created by one of the most sophisticated group of cybercriminals on the internet known as the Avalanche Group," AVG said in a blog post. The cyber-gang used the botnet to host phishing sites, store collected data and spread data-stealing malware, according to the report. AVG's researchers found that the compromised computers were spreading four different variants of the Zeus data-stealing Trojan.
The Mumba botnet uses a fast-flux infrastructure to minimise the criminals' risk of a takedown by law enforcement and other agencies. Fast-flux systems hide command-and-control servers among the infected computers by constantly reallocating the server.
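A defender can look for the constant reallocation described above in DNS resolution logs: a fast-flux name resolves to many addresses on unrelated networks with short TTLs. The sketch below is an added example, not taken from AVG's report; the log format, the names and addresses (reserved documentation ranges) and the thresholds are all assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address

# Constructed passive-DNS observations: epoch seconds, queried name, TTL, A record.
# Names and addresses use reserved documentation ranges, not real indicators.
SAMPLE_LOG = """\
1000 login.flux.example 120 192.0.2.10
1000 login.flux.example 120 198.51.100.7
1300 login.flux.example 120 203.0.113.45
1300 login.flux.example 120 198.51.100.200
1600 login.flux.example 180 192.0.2.77
1600 login.flux.example 180 203.0.113.9
1000 www.stable.example 86400 192.0.2.80
1300 www.stable.example 86400 192.0.2.80
1600 www.stable.example 86400 192.0.2.80
1000 cdn.shortttl.example 60 192.0.2.20
1300 cdn.shortttl.example 60 192.0.2.21
1600 cdn.shortttl.example 60 192.0.2.20
"""

def parse(log):
    for line in log.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, name, ttl, addr = parts
        yield int(ts), name.lower().rstrip("."), int(ttl), ip_address(addr)

def score_domains(log, max_ttl=300, min_ips=5, min_nets=3):
    """Return {name: stats} with a 'suspect' flag. Thresholds are assumptions to tune."""
    seen = defaultdict(lambda: {"ips": set(), "nets": set(), "ttls": []})
    for _ts, name, ttl, addr in parse(log):
        d = seen[name]
        d["ips"].add(addr)
        d["nets"].add(int(addr) >> 8)  # IPv4 /24 as a crude stand-in for network diversity
        d["ttls"].append(ttl)
    report = {}
    for name, d in seen.items():
        avg_ttl = sum(d["ttls"]) / len(d["ttls"])
        report[name] = {
            "distinct_ips": len(d["ips"]),
            "distinct_nets": len(d["nets"]),
            "avg_ttl": avg_ttl,
            "suspect": avg_ttl <= max_ttl and len(d["ips"]) >= min_ips and len(d["nets"]) >= min_nets,
        }
    return report

if __name__ == "__main__":
    for name, stats in score_domains(SAMPLE_LOG).items():
        print(name, stats)
```

Requiring address and network diversity as well as a low TTL keeps ordinary short-TTL load balancing (the `cdn.shortttl.example` rows) from being flagged.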
For more on this story read Data-stealing 'Mumba' botnet hits 55,000 systems on ZDNet UK.
Talkback Most Recent of 10 Talkback(s)
-
Time for some slow, painful executions
Or, they type with their fingers, don't they?
TranMan 4th Aug 2010 -
Mumba botnet (Not enough information)
I wish organizations that release articles about botnets and the like provide details like what tcp/udp port infected machines use to communicate with the command-and-control servers. I've read dozens of articles and NONE have provided useful information like this. Wonder why?
pguibord 4th Aug 2010 -
RE: Data-stealing 'Mumba' botnet hits 55,000 systems
@pguibord
bord has a point, the people who actually read these articles want to know the details to better protect/monitor our environments. otherwise you are just telling us what can/will hit us and who did it but not how to stop them.
dexter_rivera@... 4th Aug 2010 -
RE: Data-stealing 'Mumba' botnet hits 55,000 systems
@pguibord
@dexter_rivera@..
+1
Telling us there is something nasty out there without providing us with any technical information that might help us to protect ourselves, is about as much use as an ashtray on a motor bike!
Best wishes, G.
mrgoose 4th Aug 2010 -
RE: Data-stealing 'Mumba' botnet hits 55,000 systems
yup, a little really useful info, like how to neutralize mumba would be nice. is mumba from kenya?
vger_z 4th Aug 2010 -
RE: Data-stealing 'Mumba' botnet hits 55,000 systems
That's modern "reporting" for you. Hey here's a thing to worry about, have a great day and buy this softdrink.
biffjenkins 4th Aug 2010 -
Not news anymore.
I was surprised at the small number of replies.
Botnets are a Windows experience.
Hopefully more people will wise up and start using Linux.
Trying out something new from MS is like visiting the Wizard of Oz.
60GB of ASCII text only containing logins, card numbers and passwords is very, very substantial.
Joe.Smetona 5th Aug 2010 -
what to do . . .
I'm pretty low-level in my countermeasures, but one thing I do is keep my equipment off while I'm not using it, and also keep an eye on resource consumption and processes with the utilities available from MS. So far, so good . . .
pikeman666 6th Aug 2010 -
RE: Data-stealing 'Mumba' botnet hits 55,000 systems
@pikeman666
What you described sounds like texting and driving a car at the same time.
Joe.Smetona 7th Aug 2010 -
RE: Data-stealing 'Mumba' botnet hits 55,000 systems
Since the cited article said that AVG dubbed the name Mumba, I figured AVG free would detect and eliminate it. AVG free was a big download, and the download crashed. Think I'll throw the internet away and go back to the two tin cans w/string.
ejmiller@... 13th Jun