Friday, Sep 25, 2020 | Last Update : 04:49 PM IST

185th Day Of Lockdown

Maharashtra128396397321434345 Andhra Pradesh6543855794745558 Tamil Nadu5636915082109076 Karnataka5485574446588331 Uttar Pradesh3742773076115366 Delhi2606232243755123 West Bengal2378692080424606 Odisha196888161044805 Telangana1792461481391070 Bihar174266159700878 Assam165582135141608 Kerala15445898720614 Gujarat1289491093113382 Rajasthan1227201023301352 Haryana118554984101177 Madhya Pradesh115361814752007 Punjab105220814752860 Chhatisgarh9562358833680 Jharkhand7643862945626 Jammu and Kashmir68614480791024 Uttarakhand4440432154501 Goa3055224347360 Puducherry2489519311467 Tripura2378616955245 Himachal Pradesh133869232125 Chandigarh109688342123 Manipur9537736959 Arunachal Pradesh8416607113 Nagaland5730459810 Meghalaya4733252838 Sikkim2447190529 Mizoram158510120
  Technology   In Other news  25 Apr 2017  Kaspersky Lab joins INTERPOL-led cybercrime operation across ASEAN

Kaspersky Lab joins INTERPOL-led cybercrime operation across ASEAN

THE ASIAN AGE
Published : Apr 25, 2017, 3:53 pm IST
Updated : Apr 25, 2017, 3:53 pm IST

The operation was carried out from the INTERPOL Global Complex for Innovation (IGCI) in Singapore.

Cybercrime investigators from Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam gathered together at the IGCI to exchange information on specific cybercrime situations in their respective countries.
 Cybercrime investigators from Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam gathered together at the IGCI to exchange information on specific cybercrime situations in their respective countries.

Kaspersky Lab has announced its participation in a groundbreaking INTERPOL-led cybercrime operation involving public and private sectors across the ASEAN region. Nearly 9,000 botnet command and control (C2) servers and hundreds of compromised websites, including government portals were identified from the activity.

The operation was carried out from the INTERPOL Global Complex for Innovation (IGCI) in Singapore, the research and development facility of the world’s largest police organization.

 

Cybercrime investigators from Indonesia, Malaysia, Myanmar, Philippines, Singapore, Thailand, and Vietnam gathered together at the IGCI to exchange information on specific cybercrime situations in their respective countries. An additional cyber intelligence report was contributed by China.

Experts from Kaspersky Lab cooperated with the INTERPOL to share fresh cyberthreat discoveries and to formulate recommended actions along with six other private companies, namely Cyber Defense Institute, Booz Allen Hamilton, British Telecom, Fortinet, Palo Alto Networks, and Trend Micro.

Being the only vendor able to detect the infection at the time, Kaspersky Lab provided the INTERPOL team with an exclusive report on a WordPress plugin vulnerability that has affected thousands of websites in the region, including those belonging to government agencies, universities, NGOs, and private businesses.

 

The vulnerability allowed perpetrators to inject malicious codes to over 5,000 legitimate webpages around the globe and redirect the users to advertising pages of counterfeit goods. The vulnerability also allowed other types of malicious activity such as potentially unwanted programs (PUP) downloads, password brute-forcing, and proxy among others.

Kaspersky Lab has also furnished the IGCI with an extensive list of 8,800 botnet C2 servers found to be active in ASEAN countries, as retrieved from the Kaspersky Security Network and Botnet C&C Threat Feed. Formed from the words “robot” and “network”, a botnet is a zombie network of thousands or millions of Internet-connected devices (such as PCs, smartphones, tablets, routers, smart toys, or other gadgets) that are hacked and infected with a special malware so that these could be controlled by a cybercriminal to deliver cyberattacks.

 

The botnets data shared by Kaspersky Lab covered various malware families, specifically those targeting financial organizations, spreading ransomware, launching distributed-denial- of-service (DDoS) attacks, distributing spam, and enabling other criminal activities. Investigations into the C2 servers are currently ongoing.

The operation’s findings also include the confirmation of nearly 270 websites infected with a malware code which exploited a vulnerability in the website design application. Among the victims of malware infection were several government websites which may have stored some personal data of its citizens.

A number of phishing website operators were also discovered such as one with links to Nigeria. One cybercriminal based in Indonesia selling phishing kits via the Darknet had been ascertained to have posted tutorial videos on YouTube showing customers how to use the illegal software.

 

According to IGCI Executive Director Noboru Nakatani, the operation was ideal as it demonstrated a highly effective and beneficial public-private partnership in the fight against cybercrime. “Sharing intelligence was the basis of the success of this operation, and such cooperation is vital for long term effectiveness in managing cooperation networks for both future operations and day-to- day activity in combating cybercrime,” said Nakatani.

“Public-private sharing is a critical step in fighting cybercrime in the region,” said Anton Shingarev, Vice-President Public Affairs of Kaspersky Lab. “But for this operation, access to intelligence and technology has been as important as the experience of learning from each other throughout the process, resulting in better understanding and collaboration between private partners and law enforcement agencies. This makes the INTERPOL Global Complex for Innovations a unique platform that transforms intelligence sharing into meaningful and impactful actions against cybercriminals both at the regional and national levels.”

 

Tags: kaspersky lab, interpol, cybercrime, 9, 000 botnet