New Global Botnet Campaign ‘JAKU’ Unveiled

omidomi

Level 71
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Well-known
Apr 5, 2014
6,008
Forcepoint Security Labs Special Investigations team has discovered and documented a global botnet affecting thousands of victims – we call this investigation “JAKU”.

What is JAKU?

  • JAKU is the name of the investigation by the Forcepoint Security Labs Special Investigations team into a botnet campaign.
  • Obscured by the noise of thousands of seemingly indiscriminate botnet victims, the JAKU campaign performs a separate, highly targeted operation.
  • JAKU has approximately 19,000 victims at any one time spread over 134 countries!
  • JAKU has a truly global footprint but we found concentrations of Command and Control servers and victims in APAC.
  • Victims were observed to have a maximum dwell time* of 348 days. The attack could exploit each victim for almost a full year.
*Dwell time begins when an attacker enters a network and continues until they leave or are forced out.

Comment from Andy Settle, Head of Special Investigations, Forcepoint

“JAKU has reached every corner of the world and sheds some light onto the victims of botnets, why they are vulnerable, and possibly, why they are targeted. With thousands of victim computers currently sitting in wait to be used unwittingly to perform DDoS attacks, spear phishing attacks, spam campaigns and other forms of organised crime, corporate companies must make sure they are aware of this sophisticated botnet campaign.

The team discovered something new in this campaign – we have not previously observed bot herding on this scale that is also so surgically targeted; this represents a change in tactics.

Finding, tracking and shutting down attack modes and methodologies with such capabilities can be a formidable task. No single organisation can do it alone. It requires the close collaboration and intelligence-sharing activities of both private organisations and government agencies – and Forcepoint has engaged with NCA, CERT-UK, Europol and Interpol on this investigation.”
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top