Microsoft Takes An Action Against The Global Cyber Crime


Microsoft Corp launched an operation on Monday in an effort to fight the roots of global cyber crime, targeting the malicious software known as Jenxcus and Bladabindi, which were developed in Algeria and Kuwait.

A Microsoft representative said that this particular malware has resulted in almost 7.5 million infected computers over the past year, that it is the first time they have seen malware this big that comes from outside Eastern Europe, and that this says a lot about the fast expansion and globalization of cyber crime. This action was taken as a follow-up to an investigation by the Microsoft Malware Protection Center (MMPC), which has been monitoring the Jenxcus and Bladabindi malware families since 2012.

The Explanation Of Jenxcus And Bladabindi Malware Families

For those not aware of the dangers of cyber crime, these malware families are written and distributed with the aim of stealing information stored on your computer, such as your passwords, by installing backdoor trojans. They can also further infect your computer by uploading new components or malware. As a defensive mechanism, they communicate through hosts such as the No-IP service, which makes them more difficult to trace. The malware has dashboards with point-and-click menus that enable its operators to steal passwords, listen to conversations, record keystrokes and view the screen of an infected computer in real time.

The Jenxcus and Bladabindi families usually spread by tricking victims into performing an operation that results in infection. Bladabindi infects a computer if a user:

  • Clicks on a malicious link in a social media message.
  • Visits a hacked website.
  • Opens an email sent by a contact who has previously been infected with the malware.

Bladabindi tries to trick users into running it by using enticing names and icons.

Jenxcus, on the other hand, is usually installed when a user:

  • Uses torrents or websites where malware is bundled with other programs and videos.
  • Installs a Flash update that was supposedly required before watching a video, but which was in fact Jenxcus pretending to be an update. This is usually the case on video streaming websites.

Both Jenxcus and Bladabindi were added to the Malicious Software Removal Tool (MSRT) in early 2014, but Microsoft stated that the aggressive nature and distribution methods of these malware families allow them to continue infecting users. An additional concern is that information on downloading and developing unique versions of this malware is available to the general public through public forums and written tutorials.

Actions Taken By Microsoft

The investigation discovered that about 94% of infected machines communicate with hackers through servers from an internet provider based in Nevada (Vitalwerks). Microsoft was allowed to disrupt this communication by redirecting suspicious traffic to its servers in Redmond and to filter out communications with another 194 types of malware. Microsoft stated that they hope this will be the most successful private effort yet to combat global cyber crime.

Featured image credit: Yuri Samoilov/Flickr
