Sep 11, 2012

Tech News: DNS Companies Announce Partnership to Help Fight Cybercrime

Unfortunately, on today’s Internet, users need to be constantly on guard about the websites they visit, the information they give out and even their email. Users can have not only their identity stolen, but their intellectual property as well.

For example, nearly two weeks ago Android reported that thousands of its tablets and smartphones had been infected with malware and turned into, as the company claims, a “giant spam botnet.” According to Android, researchers discovered that spam emails promoting fake pharmaceutical drugs were being sent to tablets and smartphones using Android. The company also noted that this involved a new form of malware. Dan Lim, editor of, gave his advice to users saying, “Given the damage that this malware can cause, it simply isn’t worth saving a few dollars on the cost of a [app] download.”

Although this incident only involved smartphones and tablets, the same holds true for computers, which can also be subjected to botnet malware, essentially becoming hijacked computers. In 2010, for example, 26-year-old Matjaz Skorjanc was arrested for creating the Mariposa botnet. The computers, according to Sophos Security Consultant Graham Cluley, were infected with the polymorphic W32/Rimecud family of malware, which spread itself via a number of methods including copying itself to removable storage devices, instant messaging and P2P file-sharing systems. According to Cluley’s blog post, at its peak, the botnet had silently infiltrated nearly 13 million computers in more than 190 countries. “Once a computer has been compromised and brought into the botnet, operators could steal information from innocent users – including credit card details and banking passwords,” wrote Cluley.

To help counteract such attacks before they even compromise a customer’s computer, Xerocole, a broadband DNS company, and Damballa, a provider that helps clients’ systems fight cybercrime, have announced a partnership.
According to both companies, the partnership will help cable, telecom, and internet service providers identify and take corrective action against subscriber machines that are infected with botnet malware.

“Botnet-controlled endpoints generate high levels of malicious traffic and consume valuable network resources and bandwidth,” said Barry Greene, member of the US FCC Communications Security, Reliability and Interoperability Council. “Xerocole DNS WorX with Damballa CSP allows service providers to automatically detect malware-infected subscriber machines, and provides an unattended mechanism to notify their customers and provide them with remediation steps so they can clean up their device.”

Xerocole and Damballa both noted that their joint solution will help carriers comply with the FCC’s new Anti-Botnet Code of Conduct. The Anti-Botnet Code of Conduct targets three main security threats: botnets, DNS attacks and internet route hijacking, as reported by Engadget. The code was put in place to make internet service providers “adopt sharper detection methods, and to notify and assist consumers whenever their computers are infected.”

“Infected subscriber machines and botnet traffic not only hog network resources, but they also increase network management costs,” said Rob Fleischman, CTO of Xerocole. “By adding Damballa CSP to the DNSWorX suite, we are providing network operators with an additional world-class source for pinpointing malicious activity, which can be remediated using our unattended InformX customer notification capabilities.”

The Xerocole platform, according to the company, enables broadband network operators to support IPv6 and DNSSEC, monetize non-existent domain errors and deliver personalized services to subscribers.