PHPBuilder - Researchers say that Gumblar botnet is entirely PHP automated



RSS Twitter
News News Reviews

Researchers say that Gumblar botnet is entirely PHP automated

by: Scott Clark
|
December 9, 2009

The Gumblar botnet, an interconnected group of PCs infected by specific types of malware, appears to work more or less by itself, according to security experts at Kaspersky Labs.

Gumblar's password-stealing and malware-spreading activities are not directly controlled by a human being, but rather by a small number of specialized command-and-control servers known as dispatchers. Kaspersky's researchers estimate that there are fewer than 10 Gumblar dispatchers currently active, compared to roughly 50 injectors - which host the malicious code - over 700 infectors, and more than 40,000 redirectors, which are compromised sites that point users to the infection sites.

PC Magazine says that the dispatcher machines are probably PHP machines, and that they run Linux as an operating system. The actual human agency behind the Gumblar botnet only has to visit the dispatcher servers occasionally to update the malicious code so that it will continue to evade network security measures.

Read the whole story at http://www.mxlogic.com/securitynews/network-security/researchers-say-that-gumblar-botnet-is-entirely-automated791.cfm

Comment and Contribute

Your comment has been submitted and is pending approval.

Author:
Scott Clark

Comment:



Comment:

(Maximum characters: 1200). You have characters left.