- A botnet that forced approximately 4,000 Linux computers to spew spam onto the Internet for more than a year has finally been stopped.
- Called Mumblehard, the botnet used a "packer" to conceal its source code and had a backdoor, giving attackers constant access. A mail daemon was also able to send spam in large volumes.
- In February, researchers took control of the command server's internet address and shut down the botnet.
Researchers aren’t sure how Mumblehard initially infected its victims. By analyzing the incoming traffic, the researchers estimated about 4,000 computers were infected.
Researchers at first thought the malware exploited vulnerabilities in content management systems such as WordPress, though they later found this to be incorrect. Either way, WordPress just announced it is adopting HTTPS to better protect its users and sites. The researchers still aren't sure how the spam bot took hold of its victims.
There is growing concern about viruses that can infect computers and go unnoticed for years. Last week, the FBI reportedly sent out an alert warning that a group of hackers "have compromised and stolen sensitive information from various government and commercial networks" since at least 2011.