

Java exploits and ZeroAccess botnet cyber crooks' top tools

05 Feb 2013

Cyber crooks are increasingly using botnets, exploits and banking Trojans to make money, according to Finnish security firm F-Secure.

F-Secure reported detecting a marked increase in the use of the three attack types in the second half of 2012 in its H2 Threat Report on Tuesday.

"Three things visibly stand out in this past half year: botnets (with special reference to ZeroAccess), exploits (particularly against the Java development platform) and banking Trojans (Zeus)," the report warned.

F-Secure claimed the success of ZeroAccess was symptomatic of its ability to generate income using a variety of means in highly profitable territories.

"Of all the botnets we saw this year, definitely the fastest growing one was ZeroAccess, which racked up millions of infections globally in 2012, with up to 140,000 unique IPs in the US and Europe," read the report.

The report highlighted click fraud and Bitcoin mining as the botnet's primary means of income.

"The ZeroAccess botnet reportedly clicks 140 million ads a day. As this is essentially click fraud, it has been estimated that the botnet is costing up to $900,000 of daily revenue loss to legitimate online advertisers," read the report.

"Bitcoin miners harness the computational power from the bots to perform complex calculations to find a missing block to verify Bitcoin transactions and that would reward them in more Bitcoin currency that is agreed within the same peer to peer network, and these can be converted to cash."

F-Secure security researcher Sean Sullivan claimed that the botnet's prevalence could be symptomatic of the fact that its main victim isn't the infected machine's user.

"ZeroAccess is a click-fraud botnet. It's actually quite difficult to get real folks concerned about it as a threat. I've spoken with support people and if it isn't a banking Trojan consumers don't actually feel like something tangible is at risk," said Sullivan.

"Ad-fraud is not a 'victimless' crime, but it is very intangible and the whole ZeroAccess botnet is well designed to take advantage of the situation."

As well as ZeroAccess, the report also detected increased activity by the Carberp, Dorkbot and SpamSoldier botnets.

Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
