¶ … Pony Botnet attack. Details about the attack, resolutions, and concerned parties will be studied.
Background/Hacking
Botnets can be loosely described as a collection of interconnected compromised devices, known as 'zombies', synchronously working with compromised devices to execute malicious tasks. Zombies are not self-directed like internet worms; they need proper direction to carry out a particular function. Zombies can be transmitted by a variety of channels for instance, an Internet Relay Chat (IRC) channel, from where the commands are sent by a master channel by these zombies (Jermyn et.al, 2014). Some typical botnet tasks include mass spamming a company's email address. One email address could be attacked by numerous zombie devices instigating a denial of service.
In case of smartphones, botnets can cause potential damage to cellular network infrastructure because they have firm hierarchical dependencies; therefore, they would be unable to counter this cyber-attack. The recent academic work based on mass botnet attacks against cellular networks is comprised of two categories. Apart from that, core internet services such as BGP (Border Gateway Protocall) and DNS (Domain Name System) can also be targeted. As of yet, botnet attacks are limited to desktop computers. However, during recent years, given the soaring popularity of Smartphone devices, Smartphone-based botnets have also risen considerably.
Researchers noticed the lack of authentication required for traffic signaling in cellular networks. This could cause considerable damage if an attacker connects to the network (Jermyn et.al, 2014).
Experiments were conducted to ascertain whether a similar amount of damage is conceivable by a collection of compromised wireless devices attempting to saturate the cellular network, and using these compromised devices for spam attacks on websites. The threats mentioned are concrete and easier to implement on cellular networks by developing a botnet for smartphones.
Pony Botnet
A new wave of cyber-attacks known as 'Pony' has attacked thousands of computers with the intention of stealing bitcoin and electronic money. This is the biggest and the most elaborate cyber-attack on electronic money yet, as per Trustwave's findings. According to Trustwave's findings, the architects of the Pony botnet cyber-attack have already stolen 85 online wallets containing bitcoins and other variations of online money (Pony Botnet Steals). The company was not aware of the exact amount containing in the wallets.
Trustwave's findings emerged after a fresh wave of cyber-attacks was launched on bitcoin websites. The attack compelled three online currency companies to freeze withdrawals, resulting in a plunge in the bitcoin's value to 33% during three weeks period. Bitcoin is a new form of digital currency developed by a team of programmers. No single person and/or company governs bitcoin; its value is purely based on user demand (Pony Botnet Steals). People trading in bitcoins can store their money in online wallets on their computers and/or companies offering storage services. Mining for bitcoins is a time-consuming task, as computers work with complex mathematical computations.
The botnet operators are committing electricity theft and consuming data center resources as they exploit the compromised devices to search for digital money. Trust wave discovered 2 million passwords stolen from websites such as Facebook, Twitter, Google, and Yahoo, as it worked with a primitive version of Pony malware while investigating a command-and-control server. Trustwave reported that another 600 accounts were compromised by the latest Pony derivative. Twitter and Facebook representatives have changed passwords of their hacked users. A spokeswoman from Google declined to comment; Yahoo representatives were unavailable also (Cyber Experts Uncover).
Reuters was informed by Trustwave that it had informed the major 90,000 websites and internet service providers about its findings on the server. This accumulated data consists of 326,000 Facebook accounts, 60,000 Google accounts, 59,000 Yahoo accounts and 22,000 accounts from Twitter as per Spider Labs (Cyber Experts Uncover).
The majority of the affected users belonged to America, Singapore, Germany and Thailand, and some other countries. The authorities in Netherlands were contacted by Spider Labs, requesting them to shut down the Pony bot server. As per Spider Labs findings, most of the passwords consisted of '123456', used in approximately 16,000 accounts. Other vague passwords included: 'Password';'
1'; '123'; and 'Admin'.
It has been seen many times that many people use simple logins and passwords, and use them on multiple accounts without realizing that they are too simple to provide security. Learning not to use easy passwords is a responsibility of users.
Bitcoin is a digital currency sustained by software code written by an unknown programmer or group of programmers. It is not governed by any one company or person, and its value is determined by user demand. People who buy digital currency can store it in virtual wallets on their own machines or with companies...
According to Mador, theft of digital currency is evolving and with high chances of further growth (Cybercriminals Use Pony Botnet).
Mador advises digital currency buyers to avert hacker attacks by making use of encrypted files that are turned off by default, but can be activated when required. A trade company representing the Bitcoin Foundation promotes virtual currency adoption. This firm suggested that bitcoin users should safely deposit their money in a secret location to avert theft from cyber criminals (Cybercriminals Use Pony Botnet).
The level of security in an 'electronic wallet' is improving by leaps and bounds. Jinyoung Lee Englund, the director of public affairs of the Bitcoin Foundation stated that electronic wallets are now capable of supporting multi-signature transactions (Cybercriminals Use Pony Botnet).
Ziv Mador, a security research director at Trustwave, based in Chicago, stated that this is the first time such a widespread form of malware has been observed (Cybercriminals Use Pony Botnet). It infected thousands of devices. The hackers are still operating and their identities are still unknown to the company. The corporation has disabled the servers that were infected by the Pony malware; now the next target is expected to be a cyber-attack on the electronic money users. Easy passwords such as '11111' and '123456' are used by major websites. These passwords are easiest to hack and infect after Pony botnet has infested the targeted websites.
Possible Resolution
Companies such as Accuvant are well versed in designing custom-made software capable of spying on other systems and gathering intelligence. Accuvant is also capable of shutting down a server, a task for which they are paid $1 million. For instance, if Humperdink claims to unleash a viral attack on China taking it offline, this type of cyber warfare can be prevented.
Half a decade ago, North Koreans were testing their missiles using computers. If the American government comes forward with a proposal to disable their missiles for $15 million, their missiles can be turned into useless bricks. Moreover, if someone came with a proposal of disabling every computer in Iran for $20 million, it could be delivered. Going the extra mile, every algorithm sold by Accuvant has its own unique cyberpunk handle, similar to that of Purple Mantis, presented on a jet black flash drive, placed in a plaque with name imprinted with laser (Kushner).
The employees of NCCICC, a company barely four years old, call it enkick, as its nation's nervous system for threats online. Teams are drawn out 24 hours a day from a reservoir of 500 DHS cyber professionals always-ready in this command center. The front wall consists of flickering diagrams tracking real-time dangers. These consist of anomalies in traffic in federal agencies, managing the U.S.A. cyber alert levels, and a mapped version of the nation's telecommunication system (no cyber without a fiber, exclaims an engineer). At present, cyber-attacks on NASA and IRS are at minimum. Nevertheless, the amount of cyber-attacks is on the rise. 190,000 cyber-attacks were reported in 2012; the number has reached 214,000 this year. Deferral agencies are compelled to hire fresh talent as a key priority (Kushner).
The DHS (Department of Homeland Security) is sponsoring invitation-only Cyber Camps; these hosts 'hacking competitions' for talented individuals. NCCICC holds its sense of duty in high regard, while having high levels of security clearances. The director Larry Zelvin proudly maintains that his team is lured away from fat paychecks offered everywhere else because being inside the government is the highest honor for any individual. He states that no corporation offers that perk.
References
Cybercriminals use Pony Botnet (2014, February 24). NBC News - Breaking News & Top Stories - Latest World, U.S. & Local News. Cybercriminals Use 'Pony' Botnet to Steal Bitcoins, Digital Currencies - NBC News. Retrieved June 16, 2015, from http://www.nbcnews.com/tech/security/cybercriminals-use-pony-botnet-steal-bitcoins-digital-currencies-n37571
Cyber Experts Uncover (2013, December 5). Insurance Journal - Property Casualty Insurance News. Cyber Experts Uncover 2 Million Stolen Passwords to Global Web Accounts. Retrieved June 16, 2015, from http://www.insurancejournal.com/news/international/2013/12/05/313069.htm
Jermyn, J., Salles-Loustau, G., & Zonouz, S. (2014). An Analysis of DoS Attack Strategies against the LTE RAN. Journal of Cyber Security,3(2), 159-180. Retrieved, from http://riverpublishers.com/journal/journal_articles/RP_Journal_2245-1439_323.pdf
Kushner, D. (n.d.). Rolling Stone -- Music, Movies, TV, Politics, Country, and Culture. Hackers Courted by Government for Cyber Security Jobs - Rolling Stone. Retrieved June 16, 2015, from http://www.rollingstone.com/feature/the-geeks-on-the-frontlines#i.15aflb8xvvdm3r
Pony Botnet Steals (2014, February 24). Stock Markets, Business News, Financials, Earnings - CNBC. 'Pony' botnet steals bitcoins, digital currencies - Trustwave. Retrieved June 16, 2015, from http://www.cnbc.com/id/101441220
