Microsoft releases new details on Gamarue malware botnet and its ‘sprawling infrastructure’

Microsoft on Thursday revealed additional details about the infamous Gamarue botnet, which was considered one of the world’s largest malware operations until it was disrupted late last year.

Gamarue, also known as Andromeda, is a vast and dangerous network of infected computers operated by cybercriminals for profit. The infected machines communicated with servers controlled by Gamarue to spread malware and carry out click-bait fraud.

Microsoft said in its 23rd Security Intelligence Report that the takedown of the Gamarue botnet illustrates the relentless measures cybercriminals are willing to take to distribute ransomware and to steal and sell personal data.

In 2015, Microsoft’s security teams began analyzing more than 44,000 malware samples, revealing Gamarue’s “sprawling infrastructure,” according to the report. The security teams shared with law enforcement more than 1,200 IP addresses for servers controlled by the Gamarue botnet as well as 464 individual botnets trolling the web and trying to deploy bugs from more than 80 different malware families.

The FBI and law enforcement officials around the globe took down the botnet on Nov. 29. Microsoft said Gamarue had been responsible for spreading a series of dangerous bugs since 2011, including the Petya and Cerber ransomware bugs as well as Kasidet, which was deployed for DDoS attacks.

Microsoft said in Thursday’s report that, like other botnets and exploits, Gamarue has been available on the black market as a kind of cybercrime-in-a-box kit. Components that could be added to Gamarue include a bot-builder and a PHP-based dashboard that allows hackers to oversee and control their bots.

Additional plug-ins include a keylogger for $150; a “formgrabber,” which, for $250, siphons data away from browser web forms; and a “teamviewer,” which allows an attacker to remotely control and spy on a victim’s desktop while snatching files and other data.

Microsoft noted in the report that hobbling Gamarue caused a ripple effect, further constricting the distribution of 80 additional malware families. Once Gamarue had been disrupted, Microsoft said it noted a 30 percent decrease in the number of Gamarue victims worldwide.