Cyberattack on the Netherlands: Citadel Malware Research, “Pobelka” Botnet


Cyberattack on the Netherlands | Citadel malware research: “Pobelka” botnet

Table of contents

  • Introduction
      • Telegraaf.nl
  • Pobelka
      • Targeted
      • The Netherlands
      • Java exploits
      • Cyber incidents
          • Weeronline.nl
          • Dorifel virus
      • Bank robber
      • Facebook
      • National interest
      • Reports
  • Citadel
      • Background
      • Cost price
      • Man-in-the-Browser
      • Theft
      • Client certificates
          • DigiNotar
      • Citadel Server
      • Invisible
          • 25 days
      • Survival
          • Windows registry
      • User processes
      • System privileges
      • Compression
          • Unique encryption
      • Security software
          • Installed software
      • Notable details
          • Ransomware
          • Brian Krebs
      • Contempt
      • HitmanPro
  • Conclusion
      • Recommendations
  • Appendix 1 – Web browser hooks
  • Appendix 2 – Citadel web addresses
  • Appendix 3 – Security software
  • Contact

Introduction

This document is the result of an investigation by SurfRight and Digital Investigation, prompted by the spread of viruses via the popular news site Telegraaf.nl on 6 September 2012.

The chapter ‘Pobelka’ contains detailed information about the cybercriminals' ‘mothership’ and the data found on it. This statistical data, which was used among other things to produce the charts in this document, was made available by Digital Investigation.

The chapter ‘Citadel’ describes the digital Trojan horse with which cybercriminals stole personal and strategic information from Dutch citizens, companies and government institutions for months without being noticed. This malicious software (malware) is based on an older computer virus called ZeuS. This malware is usually regarded as a digital bank robber, but in the Netherlands Citadel did not so much plunder bank accounts. The subtitle that the developers of Citadel ... their malicious program
