NASK, the domain registrar that operates the “.pl” Polish top-level domain registry, has seized multiple domains used for cyber crime activities by spreading Waledac malware distributed by the Virut botnet. According to Poland’s Computer Emergency Response Team, Virut was first detected in 2006 and became a serious threat with an estimated size of more than 300,000 compromised computers.
NASK said that on Thursday it began assuming control over 23 .pl domains that were being used to operate the Virut network. Virut was responsible for 5.5% of infections in Q3 2012, making it the fifth most widespread threat of the time.
They determined that the botnet consists of more than 308,000 uniquely compromised machines and that its primary function is to pump out spam and other malicious emails. The most recent takedown effort was in December 2012. Unfortunately, the Virut botnet gang quickly managed to get the malicious botnet domain names moved to a new registrar called home.pl.
Symantec reported that some 77,000 Waledac-infected machines within the Virut botnet were generating an average of 2,000 spam messages an hour for somewhere between 8 and 24 hours a day.
The Virut takedown effort clearly illustrates the important and meaningful role registries and registrars can play in the fight against cyber crime in general. How long the shutdown of Virut will last this time is unknown.