Abuse Of Google Search Could Help Regulate Botnets

Symantec Corp., vendor for security solutions has just detected a malware dubbed Downloader.Sninfs, which by utilizing Twitter, the micro-blogging service, to act like a command-and-control system, spreads Infostealer.

Bancos, the malware that steals passwords via the technique of phishing on fraudulent websites that spoof Brazilian banks. Following this new finding, security researchers caution users that the Google search engine is capable of being abused in much the same way for building a botnet that could resist takedown efforts more successfully.

Said Vaclav Vincalek security researcher from Vancouver and also President, Pacific Coast Information Systems Ltd. (PCIS), online attackers could begin exploiting search engines that enjoy widespread popularity, towards transmitting malware to botnets whenever specific keywords are entered for search.

ITWorldCanada.com published this during the 3rd week of August 2009. Elsewhere, citing Google, Vincalek stated that in case the botnet began utilizing Google for certain words/phrases and thereafter discovered the malware as well as executed it, then anyone could begin utilizing Google to transmit the malware, alternatively commands to the network of bots. SoftPedia reported this on August 24, 2009.

Vincalek said that the strategy abusing Google would really work effectively given that innumerable people operated its search engine every day that is known to enlist a wide array of websites. Also according to Vincalek, while he didn't know whether anyone had used the strategy thus far, the idea that any botnet operator would abuse Google in the manner discussed and further thwart efforts to counter it, was frightening.

For, while with Twitter, any account could be conveniently shut down, it probably wasn't possible to shutdown Google. Meanwhile, more news regarding botnets indicate that with the passage of years, botnets, which used to take instructions from only one command-and-control server, now exchange data among all the clients via P2P technology, suggesting an evolutionary step in the botnet infrastructure.

Finally, Vincalek and other security experts advise Web users to surf on the Internet with caution, especially because cyber-criminals' increasing sophistication could result in damage of computers as also bring down the whole Web, apart from being aware of various security threats associated with surfing.

Read the complete article at SPAMfighter News at http://www.spamfighter.com/News-13077-Abuse-Of-Google-Search-Could-Help-Regulate-Botnets.htm

 

 PCIS is a Vancouver-based company which provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America.

Boonbox is a division of Pacific Coast Information Systems Ltd., specializing in products for web security, network security, password management and data backup.

Media Contact
Jonathon Narvey
Communications
Phone: +1 (604) 844-7558
jonathonnarvey@pcis.com
Pacific Coast Information Systems / Boonbox
700-1112 Pender Street West
Vancouver, BC
V6E 2S1 Canada

Contact Boonbox

Name
*
Company
*
Phone
*
Email
*
How can we help?
Please tell us how you found out about PCIS


"Submit Inqiry"