Polish Domain Registry NASK Seizes Domains Utilized in Pervasive Virut Botnet
Tweet
Polish domain registrar NASK seized 23 domains employed by the Virut botnet last week
Connected Topics: botnet, domains, europe, malware, nask, poland, Safety, virut botnet
Polish domain registry NASK seized 23 domains used by the Virut botnet final week, which marks the 1st time the registrar has taken such drastic actions against infected domains, according to a report by ZDNet on Monday.
NASK was approached by anti-spam organization Spamhaus to take action against the botnet that has existed considering that 2006, and was ranked fifth in the planet in terms of infections by Kapersky Labs. Virut accounted for 6.8 % of malware infections in 2012.
Virut has infected machines connected with 890,000 exclusive IP addresses final ear infection year in Poland alone, NASK said in a press release.
NASK stated the primary sources of the virus have been zief.pl and ircgalaxy.pl, which have been utilized to host its command and manage IRC servers, and other malware like Palevo and Zeus.
The Virut malware spreads by inserting code into clean executable files and copying itself to fixed, attached and shared network drives. Some variants also infect HTML, ASP and PHP files with rogue code that distributes the threat, Computerworld reports. Virut is utilized as a malware distribution platform, meaning other cybercriminals pay the Virut botmasters to deploy malware on the currently compromised computers.
Net hosts including Canadian Internet Hosting have deployed solutions to assist cut down on botnet and malware spread across its network.
Spamhaus worked with Group-IB to get the .ru domains utilized by Virut ear infection shut down, and it has alerted the .at domain registry about the concern in hopes that they will suspend the C&C domains.
Not too long ago, Microsoft reached a settlement with the host of the Nitol botnet, 3322.org, who agreed to cooperate in cleaning up computers infected with it, and help limit the spread of the Nitol botnet.
Speak back: What do you consider of the choice created by NASK to cut off the domains? Have you ever worked with safety researchers to fight the spread of malware? Let us know in a comment.
Net Hosting News Alerts
Net hosting news sent to your inbox
1 comment… read it under or add one
Marius
January 21, 2013 at 4:54 pm
NASK is the .PL Registry and not a Registrar
Reply
Cancel reply
Leave a Comment
Name *
E-mail *
Website
ear infection