Malware Alert: Food Producers Feel Hit

Wednesday, February 2, 2011 @ 06:02 PM gHale

Malware agents are attacking the websites of manufacturers of industrial food processing equipment and machinery.

Variants of the Darkshell botnet agent, circulating in China, can turn infected Windows machines into attack drones. Infected machines regularly phone in to command and control nodes for instructions, periodically receiving instructions on sites to inundate with junk traffic.

Arbor Networks, which has been tracking the activities of the cybercrime networks for the last three months, reports Darkshell botnets have launched DDoS attacks against 97 unique victims, mostly in China (65) and the United States (23).

A big percentage of targets narrowly focused on the websites of small manufacturers of industrial food processing equipment and machinery. Other victims are online merchants of baby products and jewelry as well as video game related sites.

“One can only speculate on the reasons for this aggressive focus on such a relatively tiny niche within the online landscape,” said Arbor security analyst Jeff Edwards. “Several such attacks have been sustained for over 60 hours at a time, and most of these equipment vendors have suffered multiple repeat attacks during this interval of time.”

The attacks seem to focus on three or four URLs on a targeted website that refer to specific products. “We have also observed instances in which multiple Darkshell botnets engaged in coordinated attacks against a single victim (again, vendors of industrial food processing equipment),” said Arbor.

Darkshell is not technically sophisticated, but it stands out from the rogue’s gallery of botnet agents because of its particular (unusual) focus in attacking websites of industrial food processing firms, a sign of the increased diversification and specialization of the underground economy.

Leave a Reply

You must be logged in to post a comment.