{"id":5943,"date":"2014-07-11T10:00:44","date_gmt":"2014-07-11T14:00:44","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=5943"},"modified":"2014-07-11T10:00:44","modified_gmt":"2014-07-11T14:00:44","slug":"facebook-helped-shut-down-lecpetex-botnet-responsible-for-turning-pcs-into-litecoin-miners","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2014\/07\/11\/facebook-helped-shut-down-lecpetex-botnet-responsible-for-turning-pcs-into-litecoin-miners\/","title":{"rendered":"Facebook helped shut down ‘Lecpetex’ botnet responsible for turning PCs into Litecoin miners"},"content":{"rendered":"

Law enforcement officials in Greece recently arrested two people last week that they believe were responsible for operating a botnet called Lecpetex. The hackers reportedly infiltrated up to 50,000 Facebook accounts and some 250,000 computer which were used to mine Litecoins, a popular alternative virtual currency similar to Bitcoins.<\/p>\n

As outlined in a blog post, Facebook’s Treat Infrastructure team has been working with several industry partners over the last seven months to eradicate the botnet. It took that long to bring down Lecpetex primarily because it featured multiple technical features that made it more resilient to analysis and disruption efforts.<\/p>\n

\"\"<\/a><\/p>\n

For example, its authors made continuous changes to the malware to avoid detection by anti-virus software.<\/p>\n

The method of infection wasn’t all that clever, however. They simply sent spam messages to thousands (maybe millions) of users and those who didn’t know any better opened the attachments, ultimately infecting their computer.<\/p>\n

Those behind Lecpetex eventually caught on to Facebook’s efforts to shut it down, even leaving notes on command-and-control servers proclaiming their innocence. On April 30, the social network reached out to Greek police who quickly launched an investigation. By July 3, two suspects had been taken into custody.<\/p>\n

Facebook’s post goes into a lot more detail than we have time to cover here. If you’re interested in the finer details of the botnet, feel free to pop over and check out the full post.<\/p>\n

via Facebook helped shut down ‘Lecpetex’ botnet responsible for turning PCs into Litecoin miners – TechSpot<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"

Law enforcement officials in Greece recently arrested two people last week that they believe were responsible for operating a botnet […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_feature_clip_id":0,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7,8],"tags":[128,142,347],"class_list":["post-5943","post","type-post","status-publish","format-standard","hentry","category-security","category-social-media","tag-bitcoin","tag-botnet","tag-facebook"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-1xR","jetpack-related-posts":[{"id":8771,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/12\/07\/microsoft-global-law-enforcement-agencies-disrupt-dorkbot-botnet\/","url_meta":{"origin":5943,"position":0},"title":"Microsoft, global law enforcement agencies disrupt Dorkbot botnet","author":"NCCT","date":"December 7, 2015","format":false,"excerpt":"By Shawn Knight | Techspot Microsoft, in cooperation with a number of law enforcement agencies around the world, managed to disrupt a botnet that\u2019s infected over a million PCs across more than 190 countries. First discovered in April 2011, Dorkbot is an IRC-based botnet that has been commercialized by its\u2026","rel":"","context":"In "Networking"","block_context":{"text":"Networking","link":"https:\/\/nccomputertech.com\/techtalk\/category\/networking\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8453,"url":"https:\/\/nccomputertech.com\/techtalk\/2015\/07\/07\/zeusvm-malware-building-tool-leak-may-cause-botnet-surge\/","url_meta":{"origin":5943,"position":1},"title":"ZeusVM malware building tool leak may cause botnet surge","author":"NCCT","date":"July 7, 2015","format":false,"excerpt":"The Internet could see a new wave of botnets based on the ZeusVM banking Trojan after the tools needed to build and customize the malware program were published online for free. The source code for the builder and control panel of ZeusVM version 2.0.0.0 was leaked sometime in June, according\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":8923,"url":"https:\/\/nccomputertech.com\/techtalk\/2016\/05\/17\/this-botnet-has-infected-nearly-a-million-devices-since-2014\/","url_meta":{"origin":5943,"position":2},"title":"This botnet has infected nearly a million devices since 2014","author":"NCCT","date":"May 17, 2016","format":false,"excerpt":"By Shawn Knight | TechSpot One of the many ways that cybercriminals earn income is through affiliate advertising programs like Google\u2019s AdSense. Rather than generate traffic through content creation, hackers figure out ways to trick advertising platforms into thinking a partner is sending them legitimate traffic. Not knowing they're being\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":9277,"url":"https:\/\/nccomputertech.com\/techtalk\/2017\/12\/17\/this-week-in-tech-645-not-a-bright-guy\/","url_meta":{"origin":5943,"position":3},"title":"This Week in Tech 645: Not a Bright Guy","author":"NCCT","date":"December 17, 2017","format":false,"excerpt":"https:\/\/youtu.be\/PPtupeFP1HU FCC cancels Net Neutrality and Ajit Pai mocks protesters. Apple's new iMac Pro costs a minimum of $4999 and goes up from there. Disney buys 21st Century Fox, gaining X-Men, Fantastic Four, and A New Hope, along with a 60% share of Hulu. Google cancels Tango as ARCore picks\u2026","rel":"","context":"In "Technology"","block_context":{"text":"Technology","link":"https:\/\/nccomputertech.com\/techtalk\/category\/technology\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/PPtupeFP1HU\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9343,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/27\/this-week-in-tech-668-how-many-cups-in-a-stone\/","url_meta":{"origin":5943,"position":4},"title":"This Week in Tech 668: How Many Cups in a Stone?","author":"NCCT","date":"May 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/i1oqaFyVcQ0 --The FBI wants you to reboot your router right now. FBI agents have gained control of a huge Russian botnet. If your router is affected you just need to reboot it. --Facebook and Russian ads - how should government react in the age of cyber warfare? --Amazon sells facial\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/i1oqaFyVcQ0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":5750,"url":"https:\/\/nccomputertech.com\/techtalk\/2014\/06\/11\/one-click-test-finds-gameover-zeus-infections-on-pcs\/","url_meta":{"origin":5943,"position":5},"title":"One-click test finds Gameover Zeus infections on PCs","author":"NCCT","date":"June 11, 2014","format":false,"excerpt":"Users can test by simply visiting a Web page if their computers have been infected with Gameover Zeus, a sophisticated online banking Trojan that law enforcement officers temporarily disrupted last week. The one-click test was developed by security researchers from antivirus vendor F-Secure and takes advantage of the malware\u2019s aggressive\u2026","rel":"","context":"In "Security"","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5943","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=5943"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/5943\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=5943"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=5943"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=5943"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}