Check Website
Inclusion Status
It is currently Sat Sep 21, 2019 4:58 am

All times are UTC




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Killing the beast...Part 4 (Ozdok)
PostPosted: Thu Nov 05, 2009 12:56 pm 
Offline
Site Admin

Joined: Thu May 28, 2009 10:25 am
Posts: 6018
Killing the beast...Part 4 (Ozdok)

Quote:
Ozdok a.k.a Mega-d is one of those botnets that has been very successful flying under the radar over the past few years. Recent stats by Marshal TRACE show Ozdok is currently responsible for about 4.2% of the world's overall SPAM. The question that arises again is who are the guys controlling this botnet, and more importantly from where? I recently conducted a detailed study of Ozdok's active command and control servers. There are two main things I took away from this study.

1. The USA is still a first choice for bad guys when it comes to hosting CnC servers.

2. After the McColo experience, these guys are no longer relying on a single net block for hosting their CnCs. To further ensure their safety, most botnets today are equipped with a fallback mechanism. As a matter of fact, in the case of Ozdok, there is more than one fallback mechanism involved. These come into play once the primary command and control structures fall apart. How? I'll explain that shortly.

Here is geo-locations of the Ozdok command and control servers based on last few months data:


Read more
http://blog.fireeye.com/research/2009/1 ... art-4.html

_________________
Regards
Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

Keeping it FREE!



IP:
top
Top
 Profile  
Reply with quote  
 Post subject: Re: Killing the beast...Part 4 (Ozdok)
PostPosted: Thu Nov 05, 2009 2:23 pm 
Offline
User avatar

Joined: Mon Oct 05, 2009 1:57 pm
Posts: 497
Location: Kent, UK
An interesting read and somewhat disheartening too :( I still think that punishment of these gangs should be severe when caught and this will eventually deter many newcomers to the scene.



IP:
top
Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
hpHosts and hpHosts Online are copyright © Malwarebytes Corp - All Rights Reserved

Powered by phpBB © 2000-2009 phpBB Group