To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------
These guys have been collecting statistics on IP addresses, OS types,
browser-type, the exploit that worked to infect, etc. for a long time
now. I don't see this as anything special except that one of them was
lazy.
This is pretty neat, though!
Gadi.
---------- Forwarded message ----------
Date: Tue, 19 Sep 2006 00:36:46 GMT
From: Fergie <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [funsec] Botnet Operator Taps into Google Analytics
Clever little bastards...
Via vnunet.com.
[snip]
A botnet operator is using Google Analytics to collect additional
details about his network of zombie computers.
Google Analytics offers free site visitor statistics, tracking the
number individuals that visit a website and their geographic location.
The service uses special html-code that is embedded onto a web site
that alerts the Google server every with every visitor.
In this case however, a botnet operator embedded the code into a
variant of the Opanki virus, McAfee reported on its blog. Similar to
the website statistics, this provides the malware's author with
feedback on the number of infections and their geographic location.
[snip]
More:
http://www.vnunet.com/vnunet/news/2164508/red-hat-unveilsbotnet-operator
- ferg
--
"Fergie", a.k.a. Paul Ferguson
Engineering Architecture for the Internet
fergdawg(at)netzero.net
ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
_______________________________________________
To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
All list and server information are public and available to law enforcement
upon request.
http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
