Million dollar botnet Bamital taken down

A major clickfraud Trojan that’s been operating for more than three years and reaped more than $1.1 million in returns for its operators has been shut down, Symantec Corp. announced this morning.

Working with Microsoft Corp. to root out the infrastructure that the Bamital malware relied upon, Symantec says it has taken down the botnet. The security software vendor has been tracking the botnet’s activities since 2009 and working to detail its inner workings. This particular malware was known to infect users by targeting popular search engine results for key terms, then either embedding malware in legitimate Web sites or setting up malicious Web sites to drop the clickjacking software on a user’s PC.

Once on a computer, the malware can redirect users' PCs to click on advertisements that generate revenue for the operators. It also opens users up to having further malware loaded onto their systems.

A six-week monitoring period of Bamital revealed 1.8 million unique IP addresses communicating with its command and control server, Symantec says. That resulted in an average of three million clicks hijacked per day.

Source | Symantec Blog
