{"id":5943,"date":"2014-07-11T10:00:44","date_gmt":"2014-07-11T14:00:44","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=5943"},"modified":"2014-07-11T10:00:44","modified_gmt":"2014-07-11T14:00:44","slug":"facebook-helped-shut-down-lecpetex-botnet-responsible-for-turning-pcs-into-litecoin-miners","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/11\/facebook-helped-shut-down-lecpetex-botnet-responsible-for-turning-pcs-into-litecoin-miners\/","title":{"rendered":"Facebook helped shut down &#8216;Lecpetex&#8217; botnet responsible for turning PCs into Litecoin miners"},"content":{"rendered":"<p>Law enforcement officials in Greece recently arrested two people last week that they believe were responsible for operating a botnet called Lecpetex. The hackers reportedly infiltrated up to 50,000 Facebook accounts and some 250,000 computer which were used to mine Litecoins, a popular alternative virtual currency similar to Bitcoins.<\/p>\n<p>As outlined in a blog post, Facebook&#8217;s Treat Infrastructure team has been working with several industry partners over the last seven months to eradicate the botnet. It took that long to bring down Lecpetex primarily because it featured multiple technical features that made it more resilient to analysis and disruption efforts.<\/p>\n<p style=\"text-align:center;\"><a href=\"http:\/\/www.techspot.com\/news\/57363-facebook-helped-shut-down-lecpetex-botnet-responsible-for-turning-pcs-into-litecoin-miners.html\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/nccomputertech.com\/techtalk\/wp-content\/uploads\/2014\/07\/2014-07-09-image-9.png\" alt=\"\" \/><\/a><\/p>\n<p>For example, its authors made continuous changes to the malware to avoid detection by anti-virus software.<\/p>\n<p>The method of infection wasn&#8217;t all that clever, however. They simply sent spam messages to thousands (maybe millions) of users and those who didn&#8217;t know any better opened the attachments, ultimately infecting their computer.<\/p>\n<p>Those behind Lecpetex eventually caught on to Facebook&#8217;s efforts to shut it down, even leaving notes on command-and-control servers proclaiming their innocence. On April 30, the social network reached out to Greek police who quickly launched an investigation. By July 3, two suspects had been taken into custody.<\/p>\n<p>Facebook&#8217;s post goes into a lot more detail than we have time to cover here. If you&#8217;re interested in the finer details of the botnet, feel free to pop over and check out the full post.<\/p>\n<p>via <a href=\"http:\/\/www.techspot.com\/news\/57363-facebook-helped-shut-down-lecpetex-botnet-responsible-for-turning-pcs-into-litecoin-miners.html\" target=\"_blank\">Facebook helped shut down &#8216;Lecpetex&#8217; botnet responsible for turning PCs into Litecoin miners &#8211; TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Law enforcement officials in Greece recently arrested two people last week that they believe were responsible for operating a botnet [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[7,8],"tags":[128,142,347],"class_list":["post-5943","post","type-post","status-publish","format-standard","hentry","category-security","category-social-media","tag-bitcoin","tag-botnet","tag-facebook"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1xR","jetpack-related-posts":[{"id":9343,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/27\/this-week-in-tech-668-how-many-cups-in-a-stone\/","url_meta":{"origin":5943,"position":0},"title":"This Week in Tech 668: How Many Cups in a Stone?","author":"NCCT","date":"May 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/i1oqaFyVcQ0 --The FBI wants you to reboot your router right now. FBI agents have gained control of a huge Russian botnet. If your router is affected you just need to reboot it. --Facebook and Russian ads - how should government react in the age of cyber warfare? --Amazon sells facial\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/i1oqaFyVcQ0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9393,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/08\/19\/this-week-in-tech-680-hacky-hack-hack\/","url_meta":{"origin":5943,"position":1},"title":"This Week in Tech 680: Hacky Hack Hack","author":"NCCT","date":"August 19, 2018","format":false,"excerpt":"https:\/\/youtu.be\/7ClMz3MkTJk This Week in Tech Elon's Twitter addiction, $1200 iPhone XS+, Movie Pass Fail, Pai's lie, and more. --Leave Elon alone! Tesla tumbles after Musk laments his \"most difficult and painful year.\" --Google employees revolt over China rumors; town hall meeting shut down due to \"kerfuffle\" tweets. --Apple thinks that\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/7ClMz3MkTJk\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9403,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/01\/older-than-the-mini-jack-this-week-in-tech-686\/","url_meta":{"origin":5943,"position":2},"title":"Older Than the Mini Jack &#8211; This Week in Tech 686","author":"NCCT","date":"October 1, 2018","format":false,"excerpt":"https:\/\/youtu.be\/a2BeanU0FsU Facebook breach, Elon\u2019s costly tweet, Google turns 20, and more. --How to tell if your Facebook account is one of the 50 million that were hacked this week --Why the founder of Instagram left Facebook --\"Funding secured\" tweet costs Elon Musk his chairmanship and $40 million --Google turns 20\u2026","rel":"","context":"In &quot;Social Media&quot;","block_context":{"text":"Social Media","link":"https:\/\/nccomputertech.com\/techtalk\/category\/social-media\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/a2BeanU0FsU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9339,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/14\/this-week-in-tech-666-leave-john-legend-um-alone\/","url_meta":{"origin":5943,"position":3},"title":"This Week in Tech 666: Leave John Legend, Um, Alone!","author":"NCCT","date":"May 14, 2018","format":false,"excerpt":"https:\/\/youtu.be\/U_aUjM9MNhk ZTE shuts down, but help is on the way from an unlikely tweet. Google I\/O shows off creepy robocallers and helpful directions. Microsoft Build brings Cortana\/Alexa integration and the return of Kinect. Congress releases over 3500 Russian Facebook election ads. Cambridge Analytica \"dies,\" is reborn as Emerdata. Robocaller gets\u2026","rel":"","context":"In &quot;Microsoft&quot;","block_context":{"text":"Microsoft","link":"https:\/\/nccomputertech.com\/techtalk\/category\/microsoft\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/U_aUjM9MNhk\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9518,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/10\/between-the-buns-this-week-in-tech-705\/","url_meta":{"origin":5943,"position":4},"title":"Between the Buns &#8211; This Week in Tech 705","author":"NCCT","date":"February 10, 2019","format":false,"excerpt":"https:\/\/youtu.be\/KZ52Am221no Improving government websites, blocking the big five, Spotify\u2019s podcast move, and more. -- Alphabet Earnings: Google's Cost Per Click -- Cutting out Google, Apple, Amazon, Facebook, and Microsoft -- The US to Ban Huawei 5GTech -- Germany Outlaws Facebook's Business Model -- What if Google Just Doesn't Pay Its\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/KZ52Am221no\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9434,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/11\/19\/big-boy-easy-bake-oven-this-week-in-tech-693\/","url_meta":{"origin":5943,"position":5},"title":"Big Boy Easy Bake Oven &#8211; This Week in Tech 693","author":"NCCT","date":"November 19, 2018","format":false,"excerpt":"https:\/\/youtu.be\/UZTkCVjGjWQ - Facebook's latest crisis is... its reaction to its last crisis. - Waymo plans a driverless car service. - Amazon announces its new headquarters in Queens and North Virginia. - Google's \"smart city\" in Toronto gets some pushback. - Julian Assange has been charged with... something? - SpaceX gets\u2026","rel":"","context":"In &quot;Technology&quot;","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/UZTkCVjGjWQ\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5943","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=5943"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5943\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=5943"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=5943"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=5943"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}