US, South Korea site attacks traced back to UK
The master server controls all eight command-and-control servers involved in the series of distributed denial-of-service (DDoS) attacks that started on the July 4th weekend, security firm Bkis said in a blog posting on its website on Monday. Bkis succeeded in gaining control of two of the servers and analysed the logs.
The Vietnamese firm estimated the number of compromised PCs involved in the attacks to be around 167,000 in 74 countries.
Botnet expert Joe Stewart of SecureWorks told CNET News.com that the number sounded high. Security experts had been estimating that there were 50,000 infected PCs in the botnet.
The attacks targeted dozens of government and commercial sites in the US and South Korea, causing temporary outages at many of them.
Code on the compromised PCs was set to erase or overwrite data late last week, but researchers in the US were not aware of any reports of that happening.
This article was first posted on CNET News.
Talkback
One would think .....
Assuming that these are all/mostly Windows PCs then Microsoft (or any responsible party) should be able to scan, locate, and disinfect them whenever they connect to the internet (considering that MS has managed to make life miserable for legit users with their WGA thingy).
kd5auq 15th Jul 2009
Infected PCs
If these PCs can be remotely infected, can they be remotely cured?
trm1945 15th Jul 2009
You can...
You can cut off their internet after detecting the malware, but not so much cleaning their system without having some kind of client always running.. Then you get into why grandma's internet is turned off, the liabilities of no internet like IP phones.. not to mention the public explosion..
What probably *should* happen is the ISP runs a filter and if you have malware you get a page that says you got malware, do this and fix it.
supercharlie 15th Jul 2009
RE: US, South Korea site attacks traced back to UK
Lol. Traced back to a master server in the UK?
Presumably, the "server" was just another machine
infected with malware.
As anyone can do stuff online using the TOR network,
unless the hacker's a complete retard he would've used
it to hide his tracks. I suspect they'll have trouble
ever doing anyone for this, anything beyond "not
running a virus scanner" at least. IIRC it's not
yet illegal, but you can bet it came two steps
closer once these attacks hit the news. I wonder if
Linux and MacOS will be spared?
Li1t 16th Jul 2009
TOR network
============================================
"As anyone can do stuff online using the TOR network,
unless the hacker's a complete retard he would've used
it to hide his tracks."
============================================
LOL, you keep on thinking that.
The NSA can do end-to-end-correlation on TOR networks and, considering the Echelon mindset, I doubt if they are restricting themselves to US based networks.
Real pros will wardrive their access or use throwaways.
JOHN_TUOHY 16th Jul 2009
I'll say it again
I've said this several times lately, but as soon as other OSs (or browsers, or email clients) become widespread enough for hackers to make a profit from them, then they will be targeted too. And they will be found to be unsecure.
All the Mozilla and Opera fans thought that their fave product was so secure, but now we're seeing publicized holes, security warnings, patches, etc. It's the same with the OS.
If Linux ever reaches critical mass among the general populace, we'll start seeing exploits. This is common sense. I've been doing IT for decades and have seen the cycles. It's inevitable because while technologies change, people don't.
RealGem 16th Jul 2009
This ZDNET story brought to you by: Microsoft
Microsoft Windows, the most insecure operating system on the planet.
Thanks to weaknesses in the Microsoft Windows operating system, these kinds of stories will reappear over and over again, sad to say.
Folks, if you have had it with the Windows Security 'patch as patch can treadmill', then why not consider the alternatives?
Ubuntu 9.04 Linux is the operating system that Windows will never be.
Ubuntu Linux: The safest operating system on the planet.
Thank you very much for reading this alternative viewpoint.
.
Dietrich T. Schmitz 17th Jul 2009
Platform Wars = Ridiculous
The gentleperson who earlier mentioned that the reason MS gets nailed so much is its pervasiveness is absolutely correct. If Apple or Unix were the big boys on the block, hackers would be ripping holes through them instead. Also consider this, most attacks and exploits have a specific human or corporate target in mind. They're not someone angry because (s)he saw a BSoD. This platform griping instead of people working together so ALL OS's are better and safer = ridiculous.
pbcasey 17th Jul 2009
Partly true, but...
I agree that Linux and Apple do not get as much of crackers' attention as Microsoft's OS. And I also believe any piece of software (that is not extremely small) will not be perfect as far as security goes when it is first written. The reason that Linux would be safer is because when something that is not right is found, it is fixed much faster than Apple or Microsoft can.
Bjorik 19th Jul 2009