
Communications of the ACM

ACM TechNews

Avast, French Police Take Over Malware Botnet, Disinfect 850,000 Computers



Working with the French National Police, antivirus maker Avast neutralized the back-end infrastructure of a malware botnet by hijacking its command-and-control servers to instruct the malware to erase itself from infiltrated computers.

Credit: techblog.cosmobc.com

Antivirus maker Avast and the French National Police have neutralized the back-end infrastructure of a malware botnet by hijacking its command-and-control (C&C) servers to instruct the malware to erase itself from infiltrated computers.

The tactic effectively disinfected more than 850,000 Windows systems without users having to take action.

The strategy exploited a design flaw in the Retadup malware gang's C&C server communications protocol, which Avast researchers had discovered earlier.

The servers were based in France, and Avast persuaded French authorities to collaborate in their seizure.

Avast then replaced the malicious servers with copies that instructed the malware on any infected host connecting to them to delete itself.

From ZDNet

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 
