As per cyber police data, more than four hundred infected servers were in 63 countries.
Ukrainian cyber police jointly with ESET, Cys Centrum and CERT-Bund found a server, which manages a large botnet in Ukraine, as it is said by the press-office of Cyber Police Department of the National Police of Ukraine, RBC-Ukraine reports.
As it is noted, the server was in one of southern regions of Ukraine and was administered from Russia.
The botnet, which was managed by this server, consisted of 4 thousand servers of private companies, which did not even suspect of the breach, in 63 countries, including Ukraine.
Hackers breached these servers in order to send spam distantly. Experts in computer security from ESET and Cys Centrum determined that there was a virus called Mumblehard on servers.
The breach of servers and spam delivery from them led to malfunctions and information leakages. In addition, companies, whose servers were used by hackers, had reputational risks, as their IP addresses were constantly included to different black lists.
Such companies totaled 33 in Ukraine. When they found out that they became victims of hackers, they filed crime report. Currently the botnet management server is disconnected and any computer threat is liquidated.
According to Spamhaus portal, two out of ten largest spam networks in the world are managed from Ukraine. These are Canadian Pharmacy and Yambo Financials.
Canadian Pharmacy is the largest in the world and specializes in pharmaceutical spam, including advertising of banned medications. Each day dozens of millions of spam letters are sent through Canadian Pharmacy, and their delivery is made by botnets (networks of infected computers). In the meantime, the so-called “bulletproof hosting” is used, i.e. servers are hard to find and disconnect.
Yambo Financials is specialized in delivery of porn links, advertises drugs and clandestine drugstores. Botnets also use breaches of sites and redirection of users. Each week it registers thousands new domains for their sites.