Rimecud To Remain The Most Common Botnet In US, Due To Attacker's Custom Bots.


Executive Summary:

It is likely that the Rimecud Botnet will remain the most infectious botnet in the US because of the custom versions of it that attackers build. Attackers who use the Rimecud Botnet are able to deploy it in different ways because of the custom settings they can install.

Discussion:

The US has the largest number of computers affected by botnets, with most infections coming from the Rimecud Botnet alone. Rimecud works like a backdoor virus that proliferates through removable and fixed drives. It also dispatches harmful web links to all of the victim's contacts through popular instant messaging applications. A removable disk is the most common way that this botnet is transferred from computer to computer.(1)

[Figure: Rimecud.png, http://tinyurl.com/2fdkkhe]


Once a computer is infected with the malware, the botnet is able to forward usernames and passwords to the attacker. The attacker can use this stolen information to access online banking and any other accounts that the stolen credentials give access to. Money can then be transferred from the victim's bank account to an account of the attacker's choice.(2)


The primary reason the Rimecud Botnet is so much more prevalent than other botnets is that it is part of the “kit” family. This means that people who use it can independently create their own variants of the Rimecud Botnet.(3)

However, a man known as Iserdo was arrested in relation to the Mariposa Botnet. His arrest is relevant to the Rimecud Botnet because the Rimecud and Mariposa botnets supposedly have the same creator. The Mariposa Botnet declined significantly in 2009 and was eventually dismantled. The FBI, Slovenian police, and Spanish law enforcement arrested Iserdo in Maribor, Slovenia in July 2010.(4)


Analytic Confidence:

Analytic confidence for this assessment is medium. Source reliability ranges from medium to high. There is some conflict between sources but no major disagreements. The analyst had low expertise, worked in a group, and used the structured analytic method of ACH (Analysis of Competing Hypotheses). The subject is moderately complex and the deadline was moderately demanding to meet.



  1. http://spamnews.com/The-News/Latest/US-Computers-Most-Infected-with-Rimecud-Botnet-2010102113878/ (High 60.31)
  2. http://www.techspot.com/news/40673-microsoft-22-million-us-pcs-are-in-a-botnet.html (High 53.21)
  3. http://blogs.technet.com/b/mmpc/archive/2010/03/04/in-focus-mariposa-botnet.aspx (High 58.65)
  4. http://threatpost.com/en_us/blogs/us-reigns-most-bot-infected-country-101310 (High 56.71)