Koobface Botnet Server Disabled - For Now

Saturday, November 13, 2010



In a joint effort lead by SecDev researchers that included British law enforcement officials and the FBI, a primary server called "The Mothership" used to coordinate the infamous Koobface botnet was taken offline.

While the feat is recognized as being temporary at best, it does mark a pinacle after weeks of efforts to render the long-lived menace inoperable, and it also served to identify thousands of Google and Facebook accounts which were under the control of the Koobface network and used to ensnare unwitting Internet users.

"I think that they'll probably start up pretty soon, and they'll probably try to recover as many of their bots as soon as they can," said SecDev's chief research officer Nart Villeneuve.

Koobface, on the scene since 2008, has been one of the most notoriously successful botnet operations ever tracked, though not necessarily the most insidious, as the network has never sought to capitalize on its full potential.

The length of time Koobface has operated and the likelihood of its prompt return underscore the tremendous difficulty authorities and white hat researchers face in combating criminal botnets.

So it may be goodbye to Koobface for now, but it is definitely not farewell.

Source:  http://news.yahoo.com/s/pcworld/20101113/tc_pcworld/researcherstakedownkoobfaceservers
Possibly Related Articles:
Viruses & Malware
Google Facebook malware Botnets Headlines Koobface
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.