Russian Gang Hijacking PCs in Vast Scheme
John Markoff writes in The New York Times:
A criminal gang is using software tools normally reserved for computer network administrators to infect thousands of PCs in corporate and government networks with programs that steal passwords and other information, a security researcher has found.
The new form of attack indicates that little progress has been made in defusing the threat of botnets, networks of infected computers that criminals use to send spam, steal passwords and do other forms of damage, according to computer security investigators.
Several security experts say that although attacks against network administrators are not new, the systematic use of administrative software to spread malicious software has not been widely seen until now.
The gang was identified publicly in May by Joe Stewart, director of malware research at SecureWorks, a computer security firm in Atlanta. Mr. Stewart, who has determined that the gang is based in Russia, was able to locate a central program controlling as many as 100,000 infected computers across the Internet. The program was running at a commercial Internet hosting computer center in Wisconsin.
Mr. Stewart alerted a federal law enforcement agency that he declined to identify, and he said that it was investigating the matter. Although the original command program was shut down, the gang immediately reconstituted the system, he said, moving the control program to another computer in the Ukraine, beyond the reach of law enforcement in the United States.