WebProNews

Tag: botnets

  • Google Ads Get New Botnet Protection Feature

    Google Ads Get New Botnet Protection Feature

    Google announced a new feature for its ads that automates the filtering of traffic from three ad fraud botnets along with the ones Google is already monitoring and defending against. According to the company, it’s resilient to possible changes to the malware that generates the traffic.

    Google says the addition of this feature boosts its defenses against invalid traffic generated by ad fraud malware including Bedep and other malware families that they’ve code-named Beetal and Changthangi. The three botnets combined account for over 500,000 infected computers.

    “Botnet traffic is difficult to consistently filter in advertising platforms because malware authors try to make their fraudulent traffic look as human as possible so that it resembles legitimate traffic,” says Andres Ferrate, Chief Advocate for Google Ad Traffic Quality. “For example, botnet traffic has many of the same characteristics as real traffic, including the use of common browsers, and typical user behavior on a web page (e.g., scrolling, clicking, and mouse movement).”

    “Our move to consistently and confidently cut out the traffic from these botnets, despite any changes in the malware on which they’re based, represents a significant milestone in the defense of our advertising ecosystem,” Ferrate adds.

    In other Google security-related news, the company also announced a couple of new features for Gmail to protect users.

    Both announcements come on “Safe Internet Day”.

    Images via Google

  • Microsoft: Internet Crimefighter & Bane Of Botnets

    Microsoft’s stepping up its effort against online crime lately by sending its own employees to accompany U.S. marshals in federal raids of facilities that are suspected of participating in one of the nastier methods of cybercrime: botnets.

    A profile in the New York Times today on Richard Boscovich, Microsoft’s senior lawyer in the company’s digital crimes unit, offers a glimpse into the company’s increased vigilance in policing the online world by taking the fight offline. Boscovich is credited with creating Microsoft’s branch of law enforcement as an effort to watch over “fraud that could affect the company’s products and reputation.” In what sounds more like Law & Order: The Microsoft Unit than something you’d expect from the maker of Windows operating systems, the Times describes a recent government raid in Pennsylvania aimed at taking down botnets:

    With a warrant in hand from a federal judge authorizing the sweep, the Microsoft lawyers and technical personnel gathered evidence and deactivated Web servers ostensibly used by criminals in a scheme to infect computers and steal personal data. At the same time, Microsoft seized control of hundreds of Web addresses that it says were used as part of the same scheme.

    Although companies like Google and Apple tend to dominate most tech headlines these days, Microsoft’s Windows is still the most used operating system around the world among internet users, which has the unfortunate side effect of making it the most likely target for botnets. While Microsoft continues to offer up patches and security upgrades for its users, the company has also endorsed recent legislation like the Anti-Bot Code of Conduct for Internet Service Providers. Taking on cyber criminals in the first-life world suggests Microsoft doesn’t feel like waiting around for the law’s delay to start hindering botnets and bot-herders, criminals that utilize botnets.

    In what I imagine sounded like a Batman growl unintentionally slipping into a press interview with Bruce Wayne, Boscovich said that the purpose of the raids was to send a message to cyber criminals. “We’re letting them know we’re looking at them,” said Mr. Boscovich.

  • FCC Targets Botnets With New Anti-Bot Code Of Conduct

    FCC Targets Botnets With New Anti-Bot Code Of Conduct

    With one of every ten computers in the United States infected by bots, botnets have officially become enough of a menace/threat/foe to the U.S. government that its launching an initiative to reduce their number.

    Announced earlier today, The Online Trust Alliance joined a unanimous vote at the Federal Communications Commission’s council for communications security, approving the voluntary U.S. Anti-Bot Code of Conduct for Internet Service Providers. You ready for this? The shorthand version of the bill is known as “the ABCs for ISPs.” Cute, isn’t it?

    As a member of the council appointed by FCC Chairman Julius Genachowski, the OTA has been working with the FCC and leading ISPs to develop this voluntary Code in order to help protect the infrastructure of the country’s communications as well as consumer data. Bots, as you may or may not know, can be deployed to do anything from send out spam to eavesdrop on network traffic to swiping passwords from users.

    “Today is an example of the importance of self-regulatory efforts to help improve the safety and performance of the internet,” said Craig Spiezle, executive director and President of the Online Trust Alliance. “Sustainable solutions to contain bots must include all stakeholders in efforts to detect, prevent, and remediate these threats.”

    Chairman Genachowski added, “The recommendations approved today identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners.”

    The development of the ABCs for ISPs was developed over the past 12 months with the participation of trade associations and companies, including OTA members PayPal, Microsoft, Symantec, and Internet Identity, and leading ISPs, including Comcast and CenturyLink. Approximately 29% (or 23 million) of all U.S. households that have broadband service will gain added protection from ISPs who have adopted the Anti-Bot Code of Conduct. Focusing on residential users, the Code includes five areas of focus for ISPs: education, detection, notification, remediation, and collaboration (EDNRC? Doesn’t quite follow in line with the previous acronyms).

    To participate in the Code, ISPs will be required to complete at least one activity in each of those five areas:

  • Education – an activity intended to help increase end-user education and awareness of botnet issues and how to help prevent bot infections;
  • Detection – an activity intended to identify botnet activity in the ISP’s network, obtain information on botnet activity in the ISP’s network, or enable end-users to self-determine potential bot infections on their end-user devices;
  • Notification – an activity intended to notify customers of suspected bot infections or enable customers to determine if they may be infected by a bot;
  • Remediation – an activity intended to provide information to end-users about how they can remediate bot infections, or to assist end-users in remediating bot infections;
  • Collaboration – an activity to share with other ISPs feedback and experience learned from the participating ISP’s Code activities.

    • Future OTA reports will track adoption, highlighting those ISPs who have asserted their implementation of the Code. As independent organizations committed to enhancing online trust and confidence, ISPs are encouraged to report to OTA. Future reports will include the adoption of similar efforts by other stakeholders and industry segments. Additional information and the link to the Code are posted at https://otalliance.org/botnets.html.

  • Attempted Click Fraud Rate Surges In Q1

    In the first quarter of 2010 the average attempted click fraud rate increased from 25.7 percent in Q4 2009 to 29. 2 percent in Q1 2010, representing a 34 percent year-over-year increase from Q1 2009, according to a new report from Anchor Intelligence.

    Anchor Intelligence told WebProNews the record attempted click fraud rate can be attributed to dramatic growth in botnet scale and volume around the globe.

    The countries with the highest attempted click fraud rates were Vietnam (35.4%), Australia (35.2%), and the U.S. (35%). The majority of this traffic was due to high velocity botnet traffic and coordinated click fraud rings. This increase in botnet click fraud also caused a significant surge in attempted click fraud in the U.K., from 18 percent in Q4 to 32 percent in Q1.

    Click-Fraud-Rate

    "As Internet usage has grown in countries lacking appropriate cybersecurity measures, more and more computers have become infected with malware and used as click fraud zombies," said Ken Miller, CEO of Anchor Intelligence.

    "By releasing this report, we hope to convey the importance of advertising with ad networks and search engines that partner with third-parties such as Anchor to certify their traffic quality."

    The jump in botnet activity across the Anchor Intelligence network is consistent with other accounts of corrupt activity originating from compromised computers around the world. Recent reports from McAfee and Google identified a surge in cyber attacks against blogs criticizing mining projects in Vietnam.

    In addition, in December and January, over thirty companies were targeted by cyber attacks origination from China that were designed to steal personal data from corporate networks.