Kaspersky Labs: The Cash Factory
Hat-tip to Donna.
Kaspersky Lab announces the publication of its latest article, The Cash Factory. The article looks at the methods used by cyber criminals to create and run botnets in order to generate large profits.
The Cash Factory unveils the cyclical process used to create botnets from computers infected by the bot Backdoor.Win32.Bredolab. First, cyber criminals hack a site's content management system and modify its pages with tags that redirect to websites containing malicious exploits. These exploits pave the way for infection and penetration by other bots, which then join to form a botnet and obey commands issued from a remote command and control center.
The bots download malicious programs from the Internet, including a Trojan designed to steal passwords to FTP clients used to manage website content. These passwords can then be used by cyber criminals to modify websites and place malicious tags on their pages.
The process is essentially a vicious circle that can be repeated and extended, and is used by cyber criminals to ensure the smooth running of their "cash factory."
The full version of "The Cash Factory"
is available on the Kaspersky Labs Blog