Author Topic: FireEye: Killing the beast...  (Read 2718 times)

0 Members and 1 Guest are viewing this topic.

June 12, 2009, 01:48:50 am
Read 2718 times

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Quote
The purpose of this series of articles is very simple, to give our readers an idea about the current geographical distribution of command and control coordinates for the some of the top botnets.  Based on this data I'll try to estimate whether it is possible to shutdown these botnets by puling the plug for these servers.  The Botnets which will be discussed in these articles are Pushdo, Xarvester, Rustock, Koobface and Ozdok.  These stats are based on my sandnet logs for the last 3 months or so.  By no means is this list complete but it will give our reader a reasonable idea about the current motherships for these botnets.

Pushdo

Here is the list of Pushdo CnCs arranged in tabular form:

Read more
http://blog.fireeye.com/research/2009/06/killing-the-beast.html
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net

June 17, 2009, 06:30:24 pm
Reply #1

MysteryFCM

  • Administrator
  • Hero Member

  • Offline
  • *****

  • 1693
  • Personal Text
    Phishing Phanatic
    • I.T. Mate
Regards

Steven Burn
I.T. Mate / hpHosts
it-mate.co.uk / hosts-file.net