http://www.wired.com/threatlevel/2011/10/m00p-takedown/

By Kim Zetter
Threat Level
Wired.com
October 5, 2011

It’s rare that malware-writing crews get arrested for creating the tools that criminals use. But a presentation at the Virus Bulletin conference in Spain this week described an extensive operation in which law enforcement agents worked successfully with the Finnish anti-virus firm F-Secure to catch two members of the M00p gang, makers of malware that allowed criminals to steal passwords and proprietary documents, remotely control web cams and commandeer computers for use as spambots.

Detective Constable Bob Burls of the Police Central e-Crime Unit in the United Kingdom described, along with F-Secure Chief Research Officer Mikko Hypponen, how “Operation Kennet” was ultimately able to identify two members of the M00p gang — Matthew Anderson and Artturi Alm — which operated from 2004 to 2006.

The Finnish company F-Secure got involved in part because M00p crafted malware-infected e-mails that were designed to look like they came from F-Secure.

According to Sophos’ Graham Cluley, who attended the presentation, Burls came onto the case while investigating an intrusion at a hospital that was infected with a piece of M00p botnet malware. He discovered that the botnet communicated with a domain registered to one warpiglet_at_private. That address was soon linked to Anderson, a 33-year-old father of five from Scotland, and his company Opton-Security, which purported to be a computer security firm.

[...]

Received on Fri Oct 07 2011 - 00:35:16 PDT