Posted on 03/03/2010 6:37:02 AM PST by JoeProBono
Another day, another botnet. This time, it has the rather pretty name of Mariposa - it means butterfly - and is believed to be one of the world's largest.
More than 13 million PCs were infected by Mariposa, which apparently infected more than half the world's 1,000 largest companies and at least 40 major financial institutions.
The botnet was , and three men have been arrested. According to Panda Security, the three men used the aliases Netkairo, Ostiator and Johnyloleante.
"Designed for information theft, Mariposa has stolen personal data from millions of compromised computers," says Defence Intelligence.
"Amongst this personal data was account information, usernames, passwords, and banking details. Additional malware downloaded by Mariposa has also been used in distributed denial of service attacks."
Mariposa was able to spread through a vulnerability in Internet Explorer, but also infected USB sticks and messages sent via MSN.
"Our preliminary analysis indicates that the botmasters did not have advanced hacking skills," said Pedro Bustamante, senior research advisor at Panda Security.
"This is very alarming because it proves how sophisticated and effective malware distribution software has become, empowering relatively unskilled cyber criminals to inflict major damage and financial loss."
Why is it so hard to find the little bastards creating these viruses (or whatever) and shoot them?
Really. I’m sure there are lots of people who would volunteer to do the shooting.
bump
It is clear the punishment versus the rewards for this kind of crime is not severe enough.
Infections such as this are good reasons to move to a 64-bit OS if you stay with Windows.
There are few exploits that can be made to work on a 64-bit system with the many extra protections there. Some 32-bit classes of viruses can do some things in a 64-bit system, but they can’t take it over. Also, memory space allocation is randomized and DEP is made effective for all executables so that malware that breaks programs can’t give out access (instead that application simply crashes).
However, all of your 32-bit programs work in an emulated environment and you need special 64-bit versions to truly take advantage of other features.
Everyone should move to a 64-bit OS ASAP.
“...if you stay with Windows...”
In terms of computer security knowledge, I’m somewhere in the middle, between neophyte and security guru, so I welcome other people’s perspectives. :-) Most exploits seem designed for the Windows environment (executable binaries, permissions), so would you agree that the Mac and Linux are inherently safer? How much safer? Are there actual threats in the wild that could exploit Firefox running on the Mac or Linux? I run both Windows and Linux, so this is not a trick question - I simply want the opinions of as many people as I can find. Thanks.
SAN FRANCISCO, Feb. 24 (UPI) — An appliance to be unveiled at California’s premier international security conference next week is being marketed as the world’s first comprehensive counter-hacking device that may address urgent issues arising from amateur and professional hacking of business and government computers.
Hacking and related cybercrime and the risk of spinoffs for terrorism were blamed for widespread damage to computer systems in North America and elsewhere last year.
Large-scale hacking of computers at government departments and corporate establishments was behind the Obama administration’s campaign in fall 2009 to raise awareness of cybercrime.
The U.S. Congress has issued alerts of potential linkages between computer hacking, crime and cyberterrorism and urged the administration to focus more on hacking to eliminate the problem.
Mykonos Software, developers of Web-based technological security solutions, said the company would unveil the new appliance at the RSA Security Conference, next Monday-Friday in San Francisco.
The appliance is designed to trap and confound hackers in real-time with the Web-based appliance, which will be part of a live demonstration at the conference, Mykonos Software said.
“The primary security threat for businesses has shifted from the network layer to the application layer,” Mykonos said.
The Mykonos Security Appliance gives system administrators and security staff a real-time view of hackers as they introspect Web applications. It profiles hackers in real-time, ascertaining their location, skill level and other critical data and enables information technology staff to instantly deploy countermeasures, said the company.
The Mykonos security appliance is targeted at financial services and insurance companies, healthcare companies, e-commerce companies, government entities and other high-profile targets of Web-based hacking attempts, Mykonos said.
“As businesses continue to deploy applications to the Web, they are exposing a massive attack surface for hackers to exploit,” said David Koretz, president and chief executive officer of Mykonos Software. As a result, he indicated, the primary security threat for businesses has shifted from the network layer to the application layer.
Wouldn't a 128-bit OS provide double the security?
By the way: What's an "OS," and how can I tell how many "bits" mine has?
Regards,
Yes, both of those environments are definitely inherently safer.
Yes, exploits that use scripts or bugs within programs like Flash and Java can do limited things on Linux and the Mac, but typically these are not much of an issue (likely just crashing those environments, sometimes doing fairly more than that).
To be fair, there are security issues with those environments too, but definitely to date there have been very few exploits (especially for the Mac OS). That said, popularity breeds contempt, and because comparatively few have Macs, Mac viruses really can’t effectively propagate, so attacking Macs gets virus writers nowhere. Security through obscurity, in a way (which is funny, because people say this is what Microsoft and Apple do by not publishing their OS code for review, too).
If you run Windows on a Mac using any of several options, you can run into some of the Windows viruses in that, too. I’d dual-boot a Windows 64-bit OS if you want to be safe and have both environments, however, it may be possible to completely “sandbox” a Windows 32-bit OS on an Apple, meaning that any damage any virus could do is limited to that specific area and nothing you didn’t want it to touch.
Finally, you need to assure the applications you most want to use are on the environment you use. This is what attracts most people to the Windows environment, but there are a lot of equivalent programs that work on the Mac.
:-) There are no consumer OSes that are 128-bit, nor are there processors that would support that structure at this time.
“OS” stands for “Operating System.” It is the environment that your programs are hosted within. For most computers bought today, that is Microsoft Windows (you pick the version). If you buy an Apple, it is OS X. If you so desire, other operating systems can be put on together with, or replacing, a prior operating system. Such operating systems are Linux, OpenBSD, BeOS, or even DOS. The choice of OS invariably limits the programs you can use, as an Apple program can’t run on Windows in any normal way.
The “bits” refers first to the number of address lines available for referencing, with more giving you a greater opportunity to host much more memory within a computer. That said, for most people today, the standard 32-bit environment works fine, giving most OSes 4 GB of RAM for running programs.
In practice, processors with 64-bits have other better functions available to them, as well. This includes special abilities to protect executing software and data segments, commands to greatly speed up encryption, matrix, or graphics processing, etc. that also allow these processors to make some things function faster (along with being able to grab 64-bits of data at once rather than 32-bits requiring two cycles, for instance).
In Windows, you will know your version is 32-bit or 64-bit by going into your Control Panel and clicking on System. That first screen will tell you if your OS is 32-bit or 64-bit. It also tells you your processor, and this can be used to generally tell you if your hardware could support a true 64-bit OS if you are currently running a 32-bit OS. However, to be truly sure, you need to make sure your motherboard was built for a 64-bit OS, which may require you to look at the manual or call the manufacturer (some systems have a 64-bit processor but didn’t fully implement a 64-bit structure throughout the system).
One last thing. A 64-bit computer can natively run a 32-bit OS just fine, or it can run a 64-bit OS. However, a 32-bit computer cannot run a 64-bit OS.
One more followup. If a 64-bit computer runs a 32-bit OS, then invariably all the benefits of the 64-bit processor are lost. There are some ways to use add-ons and extensions for some OSes, but in reality, you are stuck with all of the bad, just as if you had a 32-bit processor running a 32-bit OS.
Thanks for your advice. It largely confirms what I have read elsewhere. Having played with Linux, it seemed to me that it would be a very alien and inhospitable environment for software written specifically to run in Windows. I forgot to mention another big plus - no Windows Registry for virus settings to hide in. My greatest concern really has been to understand how much damage Java, JavaScript or something like that could do in a Linux environment. I feel more secure running Linux than Windows, but do want to be aware of potential vulnerabilities.