CYBER NEWS

Ponmocup Botnet – Why You Should Fear Zombie Networks

zombie-botnet-PC-sensorstechforumWhen a series of malicious attacks are taking place, be sure that botnets are involved. Botnets are one of the most dangerous cyber threats, compromising both network and home computers. As you probably know, a botnet is a group of compromised machines connected via the Internet and communicating with other machines. Illegal botnets can be used in various of malicious operations such as sending spam, performing DDoS attacks, etc.

Is your computer a zombie?

Zombie computers are nothing but ordinary machines situated in homes and offices spread around the globe. Any (unprotected) computer can become a part of a botnet. Attackers just need to sneak into the targeted system, usually through a backdoor and drop malware on it. Installing botnets typically happens via exploiting vulnerabilities in existing software. Sometimes social engineering (phishing, spear phishing) can also be included in the attack scenario. The worst part is that the owner of the compromised computer can stay unaware of the botnet activities for an undefined period.

How to tell if your PC has been turned into a zombie?

If the following actions keep on happening, your computer may be part of a botnet:

  • Your machine’s performance is slower than usual, no matter how many applications you have running. This may be because your computer’s processor may be exploited by hackers.
  • You get illogical error messages quite a lot.
  • Your system and browser crash without any obvious reason.
  • Your access to pages by IT security providers is blocked.
  • There are messages in your Sent email folder that weren’t sent by you.

So, how many botnets are out there?

It’s difficult to shoot an exact number. However, security vendors periodically analyze compiled data. Some of the worst botnets we’ve seen active in the last couple of years are ZeroAccess, Conficker, Kraken, Simda, Asprox. Interestingly enough, Kaspersky Labs have concluded that approximately 70% of DDoS botnet victims are located in only ten countries. At least that’s what the statistics for Q2 of 2015 have shown. The two most targeted countries are the United States and China, which can be easily explained by the cheap hosting offered by them. Nonetheless, one thing is definite – no country is secure enough to evade DDoS attacks (even though, for some reasons, some territories are preferred over others).

Which is the most dangerous known botnet?

According to research by the Italian security firm FoxIT, Ponmocup or Poncocup Hunter is one of the oldest and most successful botnets which over time has infected 15 million computers and has made millions of dollars. Ponmocup is, however, often underestimated by AV vendors and thus, it hasn’t made the headlines as often as other botnets. Ponmocup’s peak was in 2011 when it took control over 2.4 million machines. In 2015, researchers believe that at least half a million systems are victimized by the botnet. Some experts refer to the botnet as to ‘a giant hiding in the shadows.’

Ponmocup was first discovered in 2006. Back then, it was known as Vundo and Virtumonde. It is both sophisticated and underestimated – a combination that has proven quite successful for its authors, currently focused on a pure financial gain.

FoxIT experts believe that the techniques employed by Ponmocup suggest that its authors have above-average knowledge of Windows and many years of experience in malicious software. The cyber criminals are suspected to be of Russian origin, based on the discovery that instructions for affiliates are written in Russian. Apparently Ponmocup wouldn’t infect countries from the Soviet States.

Researchers believe that the exact amount of money Ponmocup’s operators have made cannot be calculated precisely. What is known however is that their profits are close to the earnings of a multi-million-dollar business. Well, cybercrime has proven to be a rewarding field of employment, hasn’t it?

Read More about Stealing Money Online the Cyber Crime Way

How to prevent your machine from becoming a zombie?

Having in mind that botnets are often deployed to spread malware across multiple machines simultaneously, having a powerful anti-malware solution appears to be a necessity.

Cyber crooks apply two strategies to intrude victims’ machines and turn them into zombies:

  • Installation of malware via exploiting software vulnerabilities or hijacking your weak accounts. Learn why passwords matter.
  • Tricking you into installing malware with the help of social engineering techniques.

To improve your security and avoid becoming a zombie, refer to the following security tips:

  • Install both anti-spyware and anti-virus software. An anti-spyware program will keep track of spying components and would go deep into the system. An anti-virus program will search the hard disc and remove uninvited guests. Also, keep in mind that it is important to use software that runs in real time.
  • Frequently update your software, operating system and browsers.
  • Use strong passwords.
  • Keep your firewall on. A firewall provides protection against intruders from the Internet.
  • Don’t use flash drives with unknown origin.
  • Revise your surfing and downloading habits and apply anti-spam filters.

donload_now_250
Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

References:

Microsoft
Kaspersky
EnigmaSoftware
TheRegister
FoxIT
ZoneAlarm

Milena Dimitrova

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the beginning. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...