Members
  • Total Members: 14176
  • Latest: toxxxa
Stats
  • Total Posts: 42869
  • Total Topics: 16078
  • Online Today: 3634
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)









Author Topic: Chinese based botnet discovered, larger than previously thought (Ghostnet 2.0)  (Read 2814 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7528
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


About a year ago, a group of security researchers in Toronto affiliated with the Munk Centre for International Studies uncovered the existence of an international botnet called Ghostnet, and discovered that it may be a Chinese espionage tool used against Tibetan citizens. It was one of the largest botnet networks at the time, and the Chinese government has repeatedly denied accusations that they were behind the espionage, despite the sociopolitical nature of the targets.

Now, a year later, the same group of researchers have discovered a previously unknown branch of the Ghostnet Network that primarily targets India: http://www.h-online.com/security/news/item/GhostNet-2-0-espionage-network-uses-cloud-services-970795.html
After extensive research and monitoring, they have determined that the GhostNet network is more sophisticated and robust than previously assumed.

Called GhostNet 2.0 by some, the control servers sending commands to infected PCs all over the world were using cloud-based social networking services like Twitter, Facebook, and Google to communicate with the botnet, raising concerns that the open nature of the cloud will lead to dangerous opportunities for botnet herders around the globe to more easily conceal their actions.

According to Ars Technica, The accusations against China for backing the botnet remain inconclusive. The report points to the location of the likely origin of the attacks, Chengdu Province, and explains that it's a site of an Army technical reconnaissance bureau. However, the location is also close a known organized crime community in Chongquing, another possible explanation. The Chinese government has been known to hire independent contractors to do their cyber-work, so the culprit could very well be a mix of the two theories. 

Regardless of who is behind GhostNet, there is no denying that it's a huge leap forward in the sophistication of the botnet industry. As more and more services head toward the cloud, and as more and more services adopt more open models, the botnet herders will no doubt jump on the opportunity to copy GhostNet, and use the open infrastructures to their advantage.

(NW)

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising