{"id":8771,"date":"2015-12-07T11:57:13","date_gmt":"2015-12-07T15:57:13","guid":{"rendered":"http:\/\/blog.nccomputertech.com\/?p=8771"},"modified":"2015-12-07T11:57:13","modified_gmt":"2015-12-07T15:57:13","slug":"microsoft-global-law-enforcement-agencies-disrupt-dorkbot-botnet","status":"publish","type":"post","link":"https:\/\/nccomputertech.com\/techtalk\/2015\/12\/07\/microsoft-global-law-enforcement-agencies-disrupt-dorkbot-botnet\/","title":{"rendered":"Microsoft, global law enforcement agencies disrupt Dorkbot botnet"},"content":{"rendered":"<p>By <a href=\"http:\/\/www.techspot.com\/community\/staff\/shawn-knight.268030\/\" target=\"_blank\" rel=\"author\">Shawn Knight<\/a> | <a href=\"http:\/\/www.techspot.com\/news\/63040-microsoft-global-law-enforcement-agencies-disrupt-dorkbot-botnet.html\" target=\"_blank\">Techspot<\/a><\/p>\n<p>Microsoft, in cooperation with a number of law enforcement agencies around the world, managed to <a href=\"http:\/\/blogs.technet.com\/b\/mmpc\/archive\/2015\/12\/03\/microsoft-assists-law-enforcement-to-help-disrupt-dorkbot-botnets.aspx\" target=\"_blank\">disrupt<\/a> a botnet that\u2019s infected over a million PCs across more than 190 countries.<\/p>\n<p>First discovered in April 2011, <a href=\"http:\/\/www.techspot.com\/news\/50443-dorkbot-worm-spreading-via-skype-installs-nasty-ransomware.html\" target=\"_blank\">Dorkbot<\/a> is an IRC-based botnet that has been commercialized by its creator and is readily available for purchase on underground online forums as NgrBot. The malware relies on USB drives, social networks, IM clients, spam and drive-by downloads for distribution.<\/p>\n<p>It\u2019s most often used to steal login credentials for many of today\u2019s top sites and services including AOL, eBay, Facebook, Gmail, Godaddy, Netflix, PayPal, Steam, Twitter, Yahoo and YouTube.<\/p>\n<p>Over the past six months, Microsoft said it detected Dorkbot on roughly 100,000 systems each month with the majority of infections spotted internationally.<\/p>\n<p>Microsoft said it worked with CERT Polska, ESET, the Canadian Radio-television and Telecommunications Commission, the Department of Homeland Security\u2019s United States Computer Emergency Readiness Team, Europol, the Federal Bureau of Investigation, Interpol and the Royal Canadian Mounted Police to disrupt the botnet.<\/p>\n<p>Details on exactly what actions were taken to disrupt Dorkbot weren\u2019t mentioned.<\/p>\n<p>The US Computer Emergency Readiness Team (CERT) <a href=\"https:\/\/www.us-cert.gov\/ncas\/alerts\/TA15-337A\" target=\"_blank\">advises<\/a> those that have been infected to use and maintain anti-virus software, change passwords, keep operating system and application software up-to-date, use anti-malware tools and disable Windows Autorun.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>By Shawn Knight | Techspot Microsoft, in cooperation with a number of law enforcement agencies around the world, managed to [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[6,7,8,9],"tags":[142,301,347,740,807,1110,1265,1270],"class_list":["post-8771","post","type-post","status-publish","format-standard","hentry","category-networking","category-security","category-social-media","category-software","tag-botnet","tag-dorkbot","tag-facebook","tag-netflix","tag-paypal","tag-twitter","tag-yahoo","tag-youtube"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/papNkV-2ht","jetpack-related-posts":[{"id":9343,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/05\/27\/this-week-in-tech-668-how-many-cups-in-a-stone\/","url_meta":{"origin":8771,"position":0},"title":"This Week in Tech 668: How Many Cups in a Stone?","author":"NCCT","date":"May 27, 2018","format":false,"excerpt":"https:\/\/youtu.be\/i1oqaFyVcQ0 --The FBI wants you to reboot your router right now. FBI agents have gained control of a huge Russian botnet. If your router is affected you just need to reboot it. --Facebook and Russian ads - how should government react in the age of cyber warfare? --Amazon sells facial\u2026","rel":"","context":"In &quot;Security&quot;","block_context":{"text":"Security","link":"https:\/\/nccomputertech.com\/techtalk\/category\/security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/i1oqaFyVcQ0\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9516,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/03\/to-the-woodshed-with-you-this-week-in-tech-704\/","url_meta":{"origin":8771,"position":1},"title":"To the Woodshed With You! &#8211; This Week in Tech 704","author":"NCCT","date":"February 3, 2019","format":false,"excerpt":"https:\/\/youtu.be\/14UX3TQ0K3Q FaceTime Flaw, Apple Spanks Facebook and Google, Huawei Suspicions, FBI Wants Your DNA, and more. \u2022 How to Watch the Superbowl Commercials Without All That Annoying Football \u2022 Apple's Not So Horrible Quarterly Earnings \u2022 Facetime Flaw Dulls Apple's Privacy Shine \u2022 Apple Spanks Facebook and Google for Data\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/14UX3TQ0K3Q\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9366,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/06\/10\/this-week-in-tech-670-go-theranos-or-go-home\/","url_meta":{"origin":8771,"position":2},"title":"This Week in Tech 670: Go Theranos or Go Home","author":"NCCT","date":"June 10, 2018","format":false,"excerpt":"https:\/\/youtu.be\/jCxygSzkfL4 --A New Tech Manifesto by Baratunde: how to reinvent social media to improve all our lives. --Apple's WWDC announcements: Screen Time restores balance to your life, memojis avoid the uncanny valley, ARKit 2 might (might) actually have usefull apps, Siri Shortcuts might (might) make Siri useful, macOS Mojave makes\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/jCxygSzkfL4\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9405,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/10\/07\/odorless-and-weightless-hackers-this-week-in-tech-687\/","url_meta":{"origin":8771,"position":3},"title":"Odorless and Weightless Hackers &#8211; This Week in Tech 687","author":"NCCT","date":"October 7, 2018","format":false,"excerpt":"https:\/\/youtu.be\/lb4rnqfNdas Chinese Spy Chips, Microsoft Highs and Lows, Pixel 3 Event Predictions, and More! Bloomberg reports that China used tiny chips to spy on Apple, Amazon, and the US government. Apple and Amazon deny it. How do we know who is right? All the news from the Microsoft Surface event,\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/lb4rnqfNdas\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9303,"url":"https:\/\/nccomputertech.com\/techtalk\/2018\/03\/04\/this-week-in-tech-656-a-camel-with-your-name-on-it\/","url_meta":{"origin":8771,"position":4},"title":"This Week in Tech 656: A Camel With Your Name on It","author":"NCCT","date":"March 4, 2018","format":false,"excerpt":"https:\/\/youtu.be\/ku80BZaG1rY Surprise: young people use social more than the oldsters. Some of them even use Vero. Samsung Galaxy S9 takes top marks for display and camera. Google Fiber didn't go quite as planned. Feds in your iPhone? It's more likely than you think. Amazon buys Ring, can now see and\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/ku80BZaG1rY\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":9518,"url":"https:\/\/nccomputertech.com\/techtalk\/2019\/02\/10\/between-the-buns-this-week-in-tech-705\/","url_meta":{"origin":8771,"position":5},"title":"Between the Buns &#8211; This Week in Tech 705","author":"NCCT","date":"February 10, 2019","format":false,"excerpt":"https:\/\/youtu.be\/KZ52Am221no Improving government websites, blocking the big five, Spotify\u2019s podcast move, and more. -- Alphabet Earnings: Google's Cost Per Click -- Cutting out Google, Apple, Amazon, Facebook, and Microsoft -- The US to Ban Huawei 5GTech -- Germany Outlaws Facebook's Business Model -- What if Google Just Doesn't Pay Its\u2026","rel":"","context":"In &quot;Apple&quot;","block_context":{"text":"Apple","link":"https:\/\/nccomputertech.com\/techtalk\/category\/apple\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/KZ52Am221no\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8771","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/comments?post=8771"}],"version-history":[{"count":0,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/posts\/8771\/revisions"}],"wp:attachment":[{"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/media?parent=8771"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/categories?post=8771"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nccomputertech.com\/techtalk\/wp-json\/wp\/v2\/tags?post=8771"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}