More on the Moose botnet at Botconf

Posted by   Martijn Grooten on   Dec 2, 2016

This week, several members of the Virus Bulletin team are attending Botconf 2016 in Lyon, France. Security conferences provide good opportunities to meet fellow researchers and to learn about new trends and developments, but it also interesting to see a continuation of previously presented research.

At this year's Botconf, GoSecure researchers Masarah Paquet-Clouston and Olivier Bilodeau presented their research on the Moose botnet, which Olivier Bilodeau previously spoke about at VB2015 (at the time working for ESET).

 

moosesign.jpg

 

The Moose botnet consists entirely of routers and is used to create fake social media accounts, which are then used to sell followers and appreciations, especially on Instragram. At Botconf, the researchers showed how this was almost the perfect cybercrime: it makes the botherders a pretty good amount of money, while the fact that there are no direct victims helps them stay under the radar of law enforcement.

We thought it was a good opportunity to upload the video of Olivier's VB2015 presentation to our YouTube channel.

 

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Necurs pump-and-dump spam campaign pushes obscure cryptocurrency

A Necurs pump-and-dump spam campaign pushing the lesser known Swisscoin botnet is mostly background noise for the Internet.

Alleged author of creepy FruitFly macOS malware arrested

A 28-year old man from Ohio has been arrested on suspicion of having created the mysterious FruitFly malware that targeted macOS and used it to spy on its victims.

The threat and security product landscape in 2017

At the start of the new year, Virus Bulletin looks back at the threats seen in the 2017 and at the security products that are available to help mitigate them.

Spamhaus report shows many botnet controllers look a lot like legitimate servers

Spamhaus's annual report on botnet activity shows that botherders tend to use popular, legitimate hosting providers, domain registrars and top-level domains when setting up command-and-control servers.

Tips on researching tech support scams

As tech support scammers continue to target the computer illiterate through cold calling, VB's Martijn Grooten uses his own experience to share some advice on how to investigate such scams.