
Windows 7 RC as botmasters' bait

Cyber criminals are taking advantage of the excitement around the soon-to-be-launched Windows 7. A pirated version of Windows 7 Release Candidate is currently circulating. But the issue is not only piracy: the pirated Windows 7 RC is infected with a Trojan horse that enrolls the machine in a botnet.

What the botnet in the pirated software does

With the coming of Microsoft's Windows 7, cyber criminals and hackers seem to have found a new tool for spreading malicious software. This pirated Windows 7 RC has created a botnet that controls several thousands of bots, according to the security firm Damballa. The software has made its way to thousands of servers through online forums and piracy sites. Currently, there seems to be no stopping the spread of this botnet.

The malicious software first appeared on April 24 and quickly created hundreds of bots in the span of an hour. According to Damballa, the malware spread so fast that by the time the firm took over the network's command and control server on May 10, it already controlled roughly 27,000 bots. The infections are mostly in the US, Netherlands, and Italy.

Damballa said that the pirated software was specifically designed to download and install malware. The botmasters are paid according to the number of malware installations. Damballa further said that installations are ongoing. Damballa reassures net users that, since it took over control of the server, the botmasters can't access and control newly installed copies of the pirated software. For existing installations, however, Damballa can't do anything.

According to Tripp Cox, vice president of engineering at Damballa, the installation rate is increasing rapidly. He said that the botmaster-controlled Microsoft Windows 7 RC used the domain name “codecs.styles.net” for command and control.

Cox further said that there is a conspiracy between cyber criminals and software pirates. He added that the pirated Windows 7 RC is just one of various pirated versions that carry different types of malware.

According to Damballa, traditional anti-malware detection is not effective at detecting the malware on the pirated Windows 7 RC. The malware is immune to anti-virus tools because only a few solutions support the new OS.

Botnets are usually created to carry out phishing schemes and denial-of-service attacks. Security experts urge the IT industry to create more effective law-enforcement measures, for botnets are one of the most dangerous threats to online users.
