Symantec


Ramnit Botnet Shut Down

Europol and several private technology companies announced the overnight takedown of the command and control infrastructure supporting the Ramnit botnet.


New malware targeting Windows 8 appears to be using Google Docs as a proxy server instead of directly connecting to a command and control (C&C) server. According to research done by Symantec and discussed in the company’s Security Response blog late last week, a Trojan, Backdoor.Makadocs, targets Windows 8 – along with Windows Server 2012 – yet doesn’t use any of the software’s particular functions as an exploit vector.

More than three quarters of small business owners claim their companies are safe from cyber attacks, yet only 17 percent of those businesses have implemented a formal cybersecurity plan.This is just one of many problems for small businesses in the digital realm, according to a joint survey (.PDF) released by the National Cyber Security Alliance (NCSA) and security firm Symantec this week.

Hundreds of thousands of users who signed up for an inexpensive proxy service called Proxybox.name got quite a steal alright. They ended up installing a Trojan horse linked to a botnet first detected last summer.Researchers at Symantec reverse engineered the Backdoor.Proxybox malware and unearthed a major black hat operation and perhaps the actual malware developer.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.