January 26, 2013

Pobelka Botnet Unraveled

Earlier this month, Dutch security firm Fox-IT revealed crucial details about the Pobelka botnet, based primarily in the Netherlands and Germany. The report gives some identifying information about the attacker responsible and describes the main purpose of the botnet: exploiting financial information from victims. Pobelka, meaning “Money Laundering” in Russian, was so named because the term “Pobelka” was found affixed to many of the domains used to send data back to the attacker.

These facts show a disturbing trend in malware propagating across the globe: the threat of malware is no longer merely wasted PC resources and advertisements. The real threat is changing as malicious coders realize the true value of information, specifically bank accounts in this case. This serves as yet another reminder of how inadequate current single-factor password systems are becoming and how crucial safe practices on the web are. It also demonstrates how brazen malware authors are becoming in exploiting victims. Malware reports like this show growing trends suggesting that, very soon, malicious code will be a threat to enterprise, not just through lost productivity and efficiency, but through theft of sensitive information.

Source: http://foxitsecurity.files.wordpress.com/2013/01/demystifying-pobelka1.pdf