Koobface infections halted after Facebook exposure
Facebook's decision to name Koobface suspects has an immediate impact, but no arrests have been made.


Koobface has stopped infecting new machines, according to reports, following the public exposure of five people suspected to be behind the criminal operation.
Facebook and Sophos chose to release the names of those they believed to be running the Koobface botnet earlier this week.
Jan Droemer and Dirk Kollberg, German security researchers who wrote up an in-depth report on how they tracked the suspects, said servers running Koobface stopped responding after they released their information via a Sophos blog, according to Reuters.
Koobface had stopped spreading via Facebook nine months ago but was continuing to propagate in different ways and via different social networks.
Kaspersky had estimated that Koobface had managed to infect between 400,000 and 800,000 machines in 2010. It first appeared in 2008.
The suspects left a vast trail of digital clues that led to their names appearing in reports, including Facebook pages.
They were also involved in more salacious affairs, including appearances at adult film conferences.
They also failed to lock investigators out of command and control (C&C) centre data, which eventually led to the leaking of their web pseudonyms.
Those identified have now erased social networking profiles found by the researchers.
"The thing that we are most excited about is that the botnet is down," said Facebook security official Ryan McGeehan.
"Our decision to become transparent about this has had a 24-hour impact. Only time will tell if it's permanent but it was certainly effective."
Facebook declared late on Tuesday it would continue to fight the botnet even though it had been banished from the social network.
"While we have been able to keep Koobface off Facebook, we won't declare victory against the virus until its authors are brought to justice," the company said in a blog post.
"We feel it is in the interest of everyone online to work with law enforcement and the larger security community to identify the gang and see the full force of law brought to bear against those who have made millions in ill-gotten gains.
"To this end, we will be sharing our intelligence with the rest of the online security community in the coming weeks in an effort to rid the web of this virus forever."
Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.
He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.