Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


SIMDA Botnet taken down by Law Enforcement and Antivirus companies

  • Please log in to reply
No replies to this topic

#1 Aura


    Bleepin' Special Ops

  • Malware Response Team
  • 19,697 posts
  • Gender:Male
  • Local time:09:07 PM

Posted 17 April 2015 - 07:00 AM

A group of antivirus competitors joined together with Interpol to take down a massive botnet of more than 770,000 compromised machines worldwide.

Trend Micro, Microsoft, and Kaspersky Labs teamed up to go after SIMDA, an elaborate botnet in which malware modifies HOSTS files on Windows machines from reputable sites like Facebook, Bing, Yahoo, and Google Analytics, and redirects people to malicious sites. Even after the SIMDA backdoor has been removed, infected HOSTS files can remain.

Antivirus competitors join arms to take down a huge botnet

Yet another takedown for the Law Enforcement and Antivirus companies!  :thumbup2:

US-CERT article on SIMDA: https://www.us-cert.gov/ncas/alerts/TA15-105A
Another aticle on Naked Security: https://nakedsecurity.sophos.com/2015/04/15/interpol-announces-successful-takedown-of-simda-botnet/
Kaspersky's webpage to help you see if you are infected with SIMDA: https://checkip.kaspersky.com/
TrendMicro HouseCall, which can successfully detect SIMDA on a system: http://housecall.trendmicro.com/

Edited by Aura., 17 April 2015 - 07:02 AM.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.

BC AdBot (Login to Remove)


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users