Symantec Takes On One Of Largest Botnets In History

HardOCP News

It's nice to see someone going after these scumbags. I never really gave it much thought before but, after looking at these stats, I think it's a good thing someone is trying to bring these guys down.

Symantec has seized part of the 1.9 million-computer strong ZeroAccess, one of the largest botnets in existence. In a blog post Monday, the security firm said the ZeroAccess botnet is primarily used to deliver payloads to infected computers, which are aimed at two illegal, revenue-generating activities: click fraud and bitcoin mining.
 
Kudos to Symantec. Regardless of their 'do good' actions, I will not purchase or install their anti-virus/Internet protection software.
 
It ain't.

It's only illegal if you break surreptitiously into someone else's computer (without their consent / knowledge) to do it.
 
The Sirefef-BS variation of ZeroAccess that got on my relative's WinXP PC disabled MSE by installing junction files into MSE's directory. That is rather nasty, because WinXP's Explorer can't deal with junction files, making any attempt to repair, uninstall or reinstall MSE fail. If you ever run into this, the solution is to boot up a Linux CD like PartedMagic and rename the files and the folder they're in.
 
If you read the infographic closely, you'll realize that this botnet is consuming over half a million dollars worth of electricity per day to generate $2,000 worth of bitcoins. That's $280 of electricity per dollar of bitcoin.
 
If you read the infographic closely, you'll realize that this botnet is consuming over half a million dollars worth of electricity per day to generate $2,000 worth of bitcoins. That's $280 of electricity per dollar of bitcoin.

Well yeah, CPU mining is stupidly slow, but I guess if you're not paying for it and you have a big botnet it adds up.
 
The Sirefef-BS variation of ZeroAccess that got on my relative's WinXP PC disabled MSE by installing junction files into MSE's directory. That is rather nasty, because WinXP's Explorer can't deal with junction files, making any attempt to repair, uninstall or reinstall MSE fail. If you ever run into this, the solution is to boot up a Linux CD like PartedMagic and rename the files and the folder they're in.

Actually the correct solution should be to get them the hell off WinXP.
 
Since when is bitcoin mining illegal?

When you hijack other people's computers with your virus and use their network, electricity, GPU/CPU blocks to do it for you and they get nothing in return.
 
I tried out some software not very long ago and it installed a bitcoin client. I forget the tasks it ran, there were 2 of them, but it was kinda surprising. Another surprising thing was Malwarebytes / Spybot didn't even pick them up.
 
I tried out some software not very long ago and it installed a bitcoin client. I forget the tasks it ran, there were 2 of them, but it was kinda surprising. Another surprising thing was Malwarebytes / Spybot didn't even pick them up.

If they were legitimate software it shouldn't. What they're talking about is a virus planting a bitcoin mining program on the user's machine without their knowledge. This is akin to someone stealing your car and using it to go to the bank while you're sleeping, then returning it in the morning and you're having to foot the gas and maintenance costs without having a clue about what's going on when your back is turned.
 
If you read the infographic closely, you'll realize that this botnet is consuming over half a million dollars worth of electricity per day to generate $2,000 worth of bitcoins. That's $280 of electricity per dollar of bitcoin.

You forgot the tens of millions of dollars for click fraud.
 
It was actually a screen saver *.scr from a semi-well-known website. You can add a virus inside a screen saver as all scr does is launch an exe.

Several people complained according to the site admin and it was taken down within 24 hours.
 
Botnets are so hard to take down as they are so cheap to set up. I can buy a botnet of 1000 computers for $10.
 
How the hell are there this many PCs infected with botnets? Jesus, these people don't deserve the internet.
 
Now if Symantec could just produce an AV that isn't absolute garbage.. that'd be nice.
 
The Sirefef-BS variation of ZeroAccess that got on my relative's WinXP PC disabled MSE by installing junction files into MSE's directory. That is rather nasty, because WinXP's Explorer can't deal with junction files, making any attempt to repair, uninstall or reinstall MSE fail. If you ever run into this, the solution is to boot up a Linux CD like PartedMagic and rename the files and the folder they're in.

No. Just no. You can either
A) Restore a backup from before the compromise or
B) Format and re-install Windows.

I will never use a Windows install after a compromise even if someone promised it was now "clean". I don't know why anyone would, there are too many tricks to get around detection, even those fairly versed with finding them should be very wary.
 
Now if Symantec could just produce an AV that isn't absolute garbage.. that'd be nice.

Amen! Though I was kind of partial to their Symantec AntiVirus Corporate Edition back in the day. That one wasn't too bad.
 
Well yeah, CPU mining is stupidly slow, but I guess if you're not paying for it and you have a big botnet it adds up.

That's why you plant it in a GTA V or BF4 PC download, much higher chance of scoring a nice video card to mine with!
 
Kudos to Symantec. Regardless of their 'do good' actions, I will not purchase or install their anti-virus/Internet protection software.

Perhaps crawl out from under a rock and realize that since their 360 suite they have completely redone their software from the ground up, and it has been rated among the best overall out there.
 
Perhaps crawl out from under a rock and realize that since their 360 suite they have completely redone their software from the ground up, and it has been rated among the best overall out there.

I've heard their software is very good now, but I can never trust their billing department again after their shenanigans with subscriptions.
 
That's a whole other story.

On that note, I myself do still prefer other companies over Norton due to their crappy past.
 
Now if Symantec could just produce an AV that isn't absolute garbage.. that'd be nice.

Since 2009, they're actually putting out quite a nice product. I ran it for 2 years, and it was light, fast, and had an excellent detection rate.
 
Which government are you talking about? The one that just shut down the Centers for Disease Control just in time for the flu season?

Yeah, thank god. I'm pretty sure their propping up the weak is actually lowering humanity's resistance to disease. If they, or any doctor, would have never existed humans would have been much better off... it worked for humanity and every other species since the beginning of time, but then all of a sudden we need to start taking sick people and pumping them with medicine to make them live and reproduce and make more susceptible humans.. what a joke.. thankfully they are closed. Maybe it will stay that way.
 