Dutch police and net security organisations have teamed up to dismantle many of the command and control servers associated with the Bredolab botnet. The Bredolab Trojan, which has spyware components that allow criminals to capture bank login details and other sensitive information from compromised machines, has infected an …
...before the official notice and link gets copied and used in spam and phishing attacks?
They probably also need to explain what a botnet is to the folk who weren't savvy enough to protect themselves against it in the first place.
It should have been illegal to sell an OS without built-in, regularly updated anti-virus included in the package for at least the last decade, turned on by default. The existence of the 3rd party anti-virus market, who would complain about that taking their market share, has ultimately made the internet a less safe ecosystem, and everyone has suffered.
in all seriousness though, the page as presented actually looks more like a phishing attempt than many phishing attempts I've seen. I'm not sure anyone getting this page would even read it, rather than immediately close the browser or tab.
So who's going to write
an anti-virus fo zOS or VMS ? Let's not be silly, shall we ? Even if you mean Windows OS I still don't buy it. Oh, and in case you just came to this world, an OS is not sold, it is just licensed for use as is. It's up to you to use it properly.
You are more than likely correct, sir.
More than likely, they wouldn't read it. When I remoted into a computer at a library to fix something on their network, it took me disabling the keyboard and mouse to get the person off the computer. The big message that says "SOMEONE HAS REMOTELY LOGGED INTO THIS MACHINE AND IS CONTROLLING IT" was only closed when it popped up. Similar messages that I sent to pop up on the screen were sometimes read but ignored, like it was some malicious popup from Facebook or something.
Re: How long...
> It should have been illegal to sell an OS without built-in, regularly
The answer is simple.
Make it illegal to connect any computer running a Microsoft OS to a network.
Remember what happened when Microsoft bundled IE with Windows in an attempt (arguably) to get people onto the internet faster by providing a browser pre-installed? Now imagine what would happen if MS Security Essentials was preinstalled and set to auto-update, etc. The likes of Norton and McAfee(Intel) would quickly team up and file lawsuits. Rub two braincells together next time before trolling.
Windows has UAC, that alone hampers alot of basic and skilled malware, it is the end user that blindly clicks accept/ok without ever reading the UAC warning.... the same thing would happen on linux if these people used it. instead of banning windows from networks, how about banning the users from the network until they actually learn to use computers properlly
Why should Linux and OSX have to ship with AV? Why not just make windows do it after all MS security essentials is free and Norton etc. have had enough years profiting from their awfully written AV software
Nice idea about the warning
but I wonder how many people that have this, actually know what a "botnet" is.
Surely a page that sends them to Security Essentials, AVAST or something would be SO much better...
They've caught the brains behind IT
From Dutch Police: "Op verzoek van het Landelijk Parket is vannacht op het internationale vliegveld van Jerevan een 27-jarige Armeniër aangehouden, die vermoedelijk het brein is achter het beruchte Bredolab netwerk".. Which translates to:
At the request of the Dutch Police, a 27 year-old Armenian, who is presumed to be the brains behind the infamous Bredolab network, was arrested at Yerevan international airport last night.
Or more like, they've arrested the 27 year old fall guy.
The problem is
That if that message popped up on my computer, I would assume that it was a fake virus scanner scam and ignore it.
Nice idea, but...
The web page that tells you that your pc has a virus is also a classic scam technique used by scareware.
Anyway, a good job indeed.
Spam is NOT a law of nature
While I approve of anything that bothers the spammers and reduces the spam, I'm not convinced that the C&C servers are the best points of attack. This is fundamentally a kind of arms race situation where the spammers always have the initiative. Each time the spammers devise new ways to hide their C&C system and new ways for the zombots to find them, the defenders are put back on their heels trying to figure out what has happened. Actually, if you believe that computer security is possible, doesn't that mean the spammers have the advantage here? The problem of concealing a clandestine network is fundamentally a security question.
In contrast, there are areas where the characteristics of spam prevent the spammers from hiding, and I think that is where we should focus the anti-spam efforts. "Follow the money" and cut it off. Most concretely, the spammers need to have visible servers where the suckers can go before they can send the spammers any money or be fooled into installing zombot software. Those servers and the DNS registrations that lead to them are better loci of attack because they cannot be hidden from the suckers and the spammers want the simple-minded suckers to connect as easily as possible.
The other characteristic of spam that should be exploited is that there are far more people annoyed by spam than there are suckers who fall for it. I think this argues for a crowd-based approach that will assist the large number of people (even if only a small percentage want to help in fighting the spam) in cutting the spammers off from their small supply of suckers. Essentially I think the major email suppliers (as in Google before they went evil) should offer something like SpamCop on steroids. An interactive form that will analyze the spam intelligently (perhaps in two or three rounds) to direct more effective responses against the spammers and all of the spammers' accomplices. (I think this system should also route replies to the secondary victims of spam, such as the legitimate companies that want to defend their valuable brands from the spammers' exploitation and devaluation.)
I think such a system could really make the bathwater too hot for the spammers. I'm not saying they would miraculously become decent human beings. I'm just saying the spammers would move under less visible rocks. They are fundamentally lazy scumbags and scammers looking for easy profits, and spam email should NOT offer those profits.
While I agree with some of the comments about Microsoft's negative contribution, I feel like the Paris Hilton icon, because she has benefited from easy profits... I thought there was an icon for spam? They have 35 icons, but none for spam, the #1 scourge of email?
- 20 Freescale staff on vanished Malaysia Airlines flight MH370
- Fee fie Firefox: Mozilla's lawyers probe Dell over browser install charge
- Neil Young touts MP3 player that's no Piece of Crap
- Review Distro diaspora: Four flavours of Ubuntu unpacked
- Sysadmins and devs: Do these job descriptions make any sense?