{"id":12089,"date":"2016-04-07T16:01:00","date_gmt":"2016-04-07T08:01:00","guid":{"rendered":"https:\/\/version-2.com\/?p=12089"},"modified":"2020-05-15T16:03:13","modified_gmt":"2020-05-15T08:03:13","slug":"mumblehard-finally-taken-down-sending-no-more-spam","status":"publish","type":"post","link":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/","title":{"rendered":"Mumblehard Finally Taken Down, Sending No More Spam"},"content":{"rendered":"\n<p>ESET, in collaboration with CyS-CERT and other partners, has taken down Mumblehard, the infamous Linux server botnet.<\/p>\n\n\n\n<p>A year ago, ESET analyzed the Mumblehard botnet which was comprised of thousands of infected Linux systems located all around the world. Today, ESET announces that in cooperation with CyS-CERT and the Cyber Police of Ukraine, Mumblehard has been successfully taken down.<\/p>\n\n\n\n<p>When publishing the discovery, ESET researchers also registered a domain acting as a C&amp;C server for the backdoor component in order to estimate the botnet size and distribution. This caused the authors of the malware to reduce the number of C&amp;C servers to one \u2013 in Ukraine, under the direct control of the attacker.<\/p>\n\n\n\n<p>\u201cThe forensics analysis revealed that at the moment of takedown, there were nearly 4000 systems from 63 different countries in the botnet. The researchers also discovered additional details about the operation,\u201d says Marc-Etienne L\u00e9veill\u00e9, Malware Researcher at ESET.<\/p>\n\n\n\n<p>Among other innovations from the botnet\u2019s disclosure in April 2015, the system allowed for automatic delisting from Spamhaus\u2019 Blocking List. 
If a script automatically monitoring the IP addresses of all the infected machines found one to be blacklisted, it requested that it be delisted.<\/p>\n\n\n\n<p>\u201cThese kinds of requests are protected with CAPTCHA to avoid automation, but the botnet operators were using OCR or external services to break the protection,\u201d explains L\u00e9veill\u00e9.<\/p>\n\n\n\n<p>Based on data collected from ESET\u2019s sinkhole server, it\u2019s now possible to notify the infected servers\u2019 administrators. Germany\u2019s Computer Emergency Response Team, CERT-Bund, stepped in, and has started notifying the infected organizations.<\/p>\n\n\n\n<p>\u201cIf you receive a notification that your server is infected, head to our indicators of compromise at the Github repository for more details about how to find and remove Mumblehard on your system,\u201d recommends L\u00e9veill\u00e9.<\/p>\n\n\n\n<p>The Mumblehard botnet takedown serves as another example of successful cross-border cooperation between experts from security firms and the public sector with law enforcement institutions.<\/p>\n\n\n\n<p>To avoid future infections, ESET security experts advise that web applications hosted on a server \u2013 including plugins &#8211; are up to date and that administrative accounts have strong two-factor authentication. Additional details about the Mumblehard botnet takedown can be found in an article by Marc-Etienne M. L\u00e9veill\u00e9 on ESET\u2019s official security blog, WeLiveSecurity.com.<\/p>\n\n\n\n<p><strong>About ESET<\/strong><\/p>\n\n\n\n<p>ESET, the pioneer of proactive protection and the maker of the award-winning NOD32 technology which is celebrating its 25th anniversary in 2012, is a global provider of security solutions for businesses and consumers. The Company continues to lead the industry in proactive threat detection. 
ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin &#8220;VB100\u201d Awards, and has never missed a single \u201cIn-the-Wild\u201d worm or virus since the inception of testing in 1998. ESET has been selected as one of the most innovative companies in Europe for the 2011 HSBC European Business Awards and holds a number of accolades from AV-Comparatives, AV Test and other organizations. ESET NOD32 Antivirus, ESET Smart Security and ESET Cyber Security for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.<\/p>\n\n\n\n<p>The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore; with offices in Sao Paulo (Brazil) and Prague (Czech Republic). ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Singapore, Prague, Ko\u0161ice (Slovakia), Cracow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network for 180 countries. For more information, visit our local office at&nbsp;<a href=\"https:\/\/www.eset.hk\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.eset.hk<\/a>.<\/p>\n\n\n\n<p><strong>About Version 2 Limited<\/strong><\/p>\n\n\n\n<p>Version 2 Limited is one of the most dynamic IT companies in Asia. Headquartered in Hong Kong, the Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. 
Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.<\/p>\n\n\n\n<p>For more information, please visit&nbsp;<a href=\"https:\/\/www.version-2.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.version-2.com\/<\/a>&nbsp;or call (852) 2893 8860.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>ESET, in collaboration with CyS-CERT and other partners [&hellip;]<\/p>\n","protected":false},"author":143524195,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[40,61,205],"tags":[197,41],"class_list":["post-12089","post","type-post","status-publish","format-standard","hentry","category-eset","category-press-release","category-year2016","tag-197","tag-eset"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mumblehard Finally Taken Down, Sending No More Spam - Version 2<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/\" \/>\n<meta property=\"og:locale\" content=\"zh_HK\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mumblehard Finally Taken Down, Sending No More Spam - Version 2\" \/>\n<meta property=\"og:description\" content=\"ESET, in collaboration with CyS-CERT and other partners [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/\" \/>\n<meta property=\"og:site_name\" content=\"Version 2\" 
\/>\n<meta property=\"article:published_time\" content=\"2016-04-07T08:01:00+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-05-15T08:03:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"250\" \/>\n\t<meta property=\"og:image:height\" content=\"70\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"version2hk\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"version2hk\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9810\u8a08\u95b1\u8b80\u6642\u9593\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 \u5206\u9418\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/\"},\"author\":{\"name\":\"version2hk\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\"},\"headline\":\"Mumblehard Finally Taken Down, Sending No More Spam\",\"datePublished\":\"2016-04-07T08:01:00+00:00\",\"dateModified\":\"2020-05-15T08:03:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/\"},\"wordCount\":705,\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"keywords\":[\"2016\",\"ESET\"],\"articleSection\":[\"ESET\",\"Press 
Release\",\"2016\"],\"inLanguage\":\"zh-HK\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/\",\"name\":\"Mumblehard Finally Taken Down, Sending No More Spam - Version 2\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\"},\"datePublished\":\"2016-04-07T08:01:00+00:00\",\"dateModified\":\"2020-05-15T08:03:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/#breadcrumb\"},\"inLanguage\":\"zh-HK\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/2016\\\/04\\\/mumblehard-finally-taken-down-sending-no-more-spam\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9801\",\"item\":\"https:\\\/\\\/version-2.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mumblehard Finally Taken Down, Sending No More Spam\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#website\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"name\":\"Version 2\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/version-2.com\\\/zh\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"zh-HK\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#organization\",\"name\":\"Version 
2\",\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"contentUrl\":\"https:\\\/\\\/i0.wp.com\\\/version-2.com\\\/wp-content\\\/uploads\\\/2020\\\/08\\\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1\",\"width\":1795,\"height\":335,\"caption\":\"Version 2\"},\"image\":{\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/version-2.com\\\/zh\\\/#\\\/schema\\\/person\\\/d14d2d3cd77ffdb618b9f1330fe084db\",\"name\":\"version2hk\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-HK\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g\",\"caption\":\"version2hk\"},\"sameAs\":[\"http:\\\/\\\/version2xfortcom.wordpress.com\"],\"url\":\"https:\\\/\\\/version-2.com\\\/zh\\\/author\\\/version2hk\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Mumblehard Finally Taken Down, Sending No More Spam - Version 2","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/","og_locale":"zh_HK","og_type":"article","og_title":"Mumblehard Finally Taken Down, Sending No More Spam - Version 2","og_description":"ESET, in collaboration with CyS-CERT and other partners [&hellip;]","og_url":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/","og_site_name":"Version 2","article_published_time":"2016-04-07T08:01:00+00:00","article_modified_time":"2020-05-15T08:03:13+00:00","og_image":[{"width":250,"height":70,"url":"https:\/\/version-2.com\/wp-content\/uploads\/2020\/04\/blog-v2-logo.jpg","type":"image\/jpeg"}],"author":"version2hk","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"version2hk","\u9810\u8a08\u95b1\u8b80\u6642\u9593":"3 \u5206\u9418"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/#article","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/"},"author":{"name":"version2hk","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db"},"headline":"Mumblehard Finally Taken Down, Sending No More Spam","datePublished":"2016-04-07T08:01:00+00:00","dateModified":"2020-05-15T08:03:13+00:00","mainEntityOfPage":{"@id":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/"},"wordCount":705,"publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"keywords":["2016","ESET"],"articleSection":["ESET","Press 
Release","2016"],"inLanguage":"zh-HK"},{"@type":"WebPage","@id":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/","url":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/","name":"Mumblehard Finally Taken Down, Sending No More Spam - Version 2","isPartOf":{"@id":"https:\/\/version-2.com\/zh\/#website"},"datePublished":"2016-04-07T08:01:00+00:00","dateModified":"2020-05-15T08:03:13+00:00","breadcrumb":{"@id":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/#breadcrumb"},"inLanguage":"zh-HK","potentialAction":[{"@type":"ReadAction","target":["https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/version-2.com\/zh\/2016\/04\/mumblehard-finally-taken-down-sending-no-more-spam\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9801","item":"https:\/\/version-2.com\/"},{"@type":"ListItem","position":2,"name":"Mumblehard Finally Taken Down, Sending No More Spam"}]},{"@type":"WebSite","@id":"https:\/\/version-2.com\/zh\/#website","url":"https:\/\/version-2.com\/zh\/","name":"Version 2","description":"","publisher":{"@id":"https:\/\/version-2.com\/zh\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/version-2.com\/zh\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"zh-HK"},{"@type":"Organization","@id":"https:\/\/version-2.com\/zh\/#organization","name":"Version 
2","url":"https:\/\/version-2.com\/zh\/","logo":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/","url":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","contentUrl":"https:\/\/i0.wp.com\/version-2.com\/wp-content\/uploads\/2020\/08\/v2-hk-hor-4.png?fit=1795%2C335&ssl=1","width":1795,"height":335,"caption":"Version 2"},"image":{"@id":"https:\/\/version-2.com\/zh\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/version-2.com\/zh\/#\/schema\/person\/d14d2d3cd77ffdb618b9f1330fe084db","name":"version2hk","image":{"@type":"ImageObject","inLanguage":"zh-HK","@id":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d280627252b42d7489de74dd88aa04043a495f25e258575000dc767e287bf94c?s=96&d=identicon&r=g","caption":"version2hk"},"sameAs":["http:\/\/version2xfortcom.wordpress.com"],"url":"https:\/\/version-2.com\/zh\/author\/version2hk\/"}]}},"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/pbQRKm-38Z","post_mailing_queue_ids":[],"_links":{"self":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/12089","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/users\/143524195"}],"replies":[{"embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/comments?post=12089"}],"version-history":[{"count":2,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/12089\/revisions"}],"predecessor-version":[{"id":
12091,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/posts\/12089\/revisions\/12091"}],"wp:attachment":[{"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/media?parent=12089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/categories?post=12089"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/version-2.com\/zh\/wp-json\/wp\/v2\/tags?post=12089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}