Thursday, December 03, 2015

US CERT issues advisory about "Dorkbot"


US Cert (United States Computer Emergency Readiness Team) has issued a major bulletin about the “Dorkbot”, a botnet that is used for several illegal purposes, including stealing online payment information and participating in DDOS (denial of service) attacks, link here . The alert is called “TA15-337A”.  It affects Windows systems.

CERT believes modern anti-virus companies are keeping up with this particular item.
 
One of the best defenses against payment fraud or bank attacks is regular inspection of all one’s financial accounts online.  It may be easier to have fewer of these so it is easier to check them frequently. Accounts should be checked every week during normal business hours (as some systems might have weekend maintenance, and it is possible to call immediately and get attention when catching a problem in a business day).
 
Private or small-business websites could be jeopardized by DDOS. But better hosting companies can detect attempts and blacklist or block access (even for public sites without logon) from specific IP addresses or ranges (by HTL-Access) automatically.  Some hosts (like FourSquare) send warnings to website owners, or may even post incidents on WHOIS.   Some website owners (hosting their own servers) might learn the server-side programming to do this themselves.

No comments: