Communications of the ACM
Botnet Takedown May Yield Valuable Data
Ruhr-University researchers have dismantled part of Pushdo, one of the top five networks of hacked computers responsible for most of the world's spam, which could shed more light on the nature of botnets. The researchers want to develop a method to determine what type of malicious spamming software is on a computer that sent a certain spam email. "We will analyze all the log data we have because I think we can provide a good overview of a modern spam operation," says Ruhr-University professor Thorsten Holz.
In order to fight botnets, researchers need a method to identify and fix infected machines. Ruhr-University researchers identified eight hosting providers that had Pushdo's command-and-control servers, and six shut them down. Although most of Pushdo's servers have been taken down, Holz says the spam operators could use the remaining servers to reconstitute the botnet.
From IT World
View Full Article
Abstracts Copyright © 2010 Information Inc., Bethesda, Maryland, USA 
No entries found