iRemove Discount Antivirus Day.
For more available deals please contact us
United States - Norton AntiVirus 11 for Mac - 10% off Coupon Offer Expires 07/10/10
Coupon Code: 10NAVMAC08
********************************
10% off Site Wide Offer Expires 07/10/10
Coupon Code: 10%OFF09
********************************
Students Save 50% off Norton AntiVirus 2010 and Norton AntiVirus 11 for Mac Offer Expires 10/07/10
Coupon Code: No Coupon needed
********************************
10% off Norton AntiVirus 2010 Offer Expires 07/13/10
Coupon Code: 15%OFFNAV10
********************************
UK - 10% Off - Internet Security 2010 - SC Link Offer Expires 12/31/10
Coupon Code: trendtis
********************************
US - Internet Security 2010 - 10% Off - Product Page Link Offer Expires 07/10/10
Coupon Code: trendsecurity
********************************
US - AntiVirus plus AntiSpyware 2010 - 10% Off - Product Page Page Offer Expires 07/10/10
Coupon Code: trendtav
********************************
US - AntiVirus plus AntiSpyware 2010 - 10% Off - Shopping Cart Link Offer Expires 07/10/10
Coupon Code: trendtav
********************************
NL - 10% Off - Internet Security Pro 2010 - SC Link Offer Expires 12/31/10
Coupon Code: trendpro
********************************
US - Smart Surfing for Mac - 10% Off - Shopping Cart Link Offer Expires 07/10/10
Coupon Code: trendmac
********************************
Use this coupon and save 10% on Kaspersky Internet Security(excludes 1PC, 1YR) Offer Expires 12/20/11
Coupon Code: KIS10%
********************************
Save on your purchase of Kaspersky Anti-Virus 2010 (Excludes 1PC, 1YR) Offer Expires 12/04/10
Coupon Code: KAV10
********************************
Receive 10% off on a one-year license (Excludes 1PC, 1YR) Offer Expires 12/04/10
Coupon Code: No Code Needed!
********************************
NEW PROMOTION - Kaspersky UK are offering a massive 10% off discount on their top selling security products: Kaspersky Anti-Virus 2010 and Kaspersky Internet Security 2010. Get 10% off now with coupon code KASUK10%OFF Offer Expires 08/10/10
Coupon Code: KASUK10%OFF
********************************
10% off Spyware Doctor Offer Expires 05/30/10
Coupon Code: pctools10
********************************
10% off Spyware Doctor with AntiVirus Offer Expires 05/30/10
Coupon Code: pctools10
********************************
10% off Registry Mechanic Offer Expires 05/30/10
Coupon Code: pctools10
********************************
10% off PC Tools Internet Security Offer Expires 05/30/10
Coupon Code: pctools10
********************************
25% off Norman Security Suite. Coupon 25OFFNSSUS Offer Expires 10/10/11
Coupon Code: 25OFFNSSUS.
********************************
25% off Norman Security Suite. Coupon 25OFFNSSGB Offer Expires 10/10/11
Coupon Code: 25OFFNSSGB.
********************************
avast! NEW PRODUCT PROMOTION : 10% off avast! Internet Security. Click here.Click here. Offer Expires 06/10/10
Coupon Code: DISCOUNTED LINK
********************************
avast! NEW PRODUCT PROMOTION : 10% off avast! Internet Security. Click here. Offer Expires 06/10/10
Coupon Code: DISCOUNTED LINK
Friday, 14 May 2010
Twitter-controlled botnets come to the unwashed masses
By Dan Goodin in San Francisco
The Register
13th May 2010
A security researcher has unearthed a tool that simplifies the process of building bot armies that take their marching orders from specially created Twitter accounts.
TwitterNet Builder offers script kiddies a point-type-and-click interface that forces infected PCs to take commands from a Twitter account under the control of attackers. Bot herders can then force the zombies to carry out denial-of-service attacks or silently download and install software with the ease of their Twitter-connected smartphones.
"All in all, a very slick tool and no doubt script kiddies everywhere are salivating over the prospect of hitting a website with a DDoS from their mobile phones," Christopher Boyd, a researcher with anti-virus provider Sunbelt Software, writes here.
Alas, TwitterNet Builder requires accounts to be public, so spotting people who use the software is fairly straightforward. A quick search revealed accounts here, here and here that appeared to be using the DIY kit, although it appeared these might be harmless demonstrations rather than brazen attacks.
The Register
13th May 2010
A security researcher has unearthed a tool that simplifies the process of building bot armies that take their marching orders from specially created Twitter accounts.
TwitterNet Builder offers script kiddies a point-type-and-click interface that forces infected PCs to take commands from a Twitter account under the control of attackers. Bot herders can then force the zombies to carry out denial-of-service attacks or silently download and install software with the ease of their Twitter-connected smartphones.
"All in all, a very slick tool and no doubt script kiddies everywhere are salivating over the prospect of hitting a website with a DDoS from their mobile phones," Christopher Boyd, a researcher with anti-virus provider Sunbelt Software, writes here.
Alas, TwitterNet Builder requires accounts to be public, so spotting people who use the software is fairly straightforward. A quick search revealed accounts here, here and here that appeared to be using the DIY kit, although it appeared these might be harmless demonstrations rather than brazen attacks.
Twitter-controlled botnets
Twitter®-Controlled Botnet SDK At Large
Date: 05/14/2010
Author: Bogdan Botezatu
Coordinated DDOS attacks now at hand via mobile phone
Huge armies of zombified computers unanimously executing the commands sent by their master – that’s what comes in the mind of a computer user at the sound of the word “botnet”. Fortunately enough, writing a bot is an extremely tedious task that takes a lot of in-depth programming knowledge, so not everyone can become a botmaster overnight, despite the obvious financial advantages.
BitDefender has released an emergency update to protect against a potential pandemic caused by the emergence of a botnet self-development kit controllable via the popular social media service Twitter®. In order to create their custom bot, an attacker only has to launch the SDK, enter a Twitter username that would act as a command & control center and modify the resulting bot’s name and icon to suit their distribution method.
The newly-created bot will constantly interrogate the specified Twitter® profile (available at http://www.http://www.twitter.com/userprofile for posts resembling specially-crafted commands. In order to avoid confusion, all of the six supported commands have to start with a period:
- The .VISIT command accepts two parameters separated by the * sign, as follows: .VISIT*URL*1 or .VISIT*URL*0. The command would make the bot visit a web page specified in the URL parameter. The latter parameter tells the bot whether to visit the URL in a visible (1) or an invisible (0) window.
- The .SAY command only takes one parameter and would initialize the Microsoft Text-To-Speech Engine to read the specific parameter. Example: .SAY*Something to say.
- The .DOWNLOAD command takes a URL as the first parameter and either 0 or 1 as the second one: .DOWNLOAD*URL/somefile.exe*0 or .DOWNLOAD*URL/somefile.exe*1. The URL tells the bot where to take the file from, while the numeric parameter tells is if the file should be executed or not when download completes.
- The .DDOS*IP*PORT command would trigger an UDP flood attack against the indicated IP on the specified port number (be it computer, router or server), thus taking the criminal game to a whole new level of aggression.
- .STOP ensures that the bots eventually stop the repetitive actions such as visiting web resources or hammering an IP to cause a DDOS condition, and return to a “listening” state.
- The .REMOVEALL command tells the bots to disconnect from the Twitter account and stay dormant until the next restart. This command practically eliminates all traffic between the bot and the Web, thus making it less “visible” to network packet monitoring tools such as Wireshark®.
This is, undoubtedly, one of the first attempts at creating an automated bot creation tool to be used in conjunction with a Twitter C&C. However, the overall mood of the TwitterNET Builder, as it is called, is experimental: the creator didn’t spend too much to protect the generated bots from reverse engineering or from detection and termination, but this flaw doesn’t make them less dangerous for the average computer user.
One thing to bear in mind though: a closer look into the file reveals that the wannabe botmaster is not the only one controlling the network. There is a secondary hardcoded Twitter account name called @Korrupt that may pass commands to any bot generated with the tool, regardless of the C & C account specified by the bot’s creator. However, at the moment, this account does not reveal any traces of criminal activity.
And even if coordinating a botnet via a Twitter profile has its specific drawbacks (this is a single point-of-failure C&C – once the Twitter account is deleted for abuse, the entire botnet would fall apart the next second), it also has its advantages – a botmaster can unleash a large-scale malware pandemic (by silently downloading and executing malware to all the zombie systems) or a DDOS attack by simply tweeting a single line of text from a mobile phone.
In order to protect customers, BitDefender has added detection for Trojan.TweetBot.A and released a free removal tool available here http://www.malwarecity.com/files/Anti-TweetBot-EN.rar
Subscribe to:
Posts (Atom)