The Europol Cybercrime Centre and the FBI teamed up to bring down the Beebone botnet, a custom operation that installed malware on unwitting victims' machines. At least 12,000 machines were infected, with estimates of up to 100,000 zombie PCs hijacked by cybercriminals. The malware was used to collect stolen passwords and download third-party applications onto victim PCs, officials noted.
"The fact that it [the malware] is complicated suggests that it could be used for more targeted attacks," Paul Docherty, director of Portcullis Security, recently told the BBC. "If those responsible were able to harness similar difficult-to-detect code they could potentially move the point of attack from home users to corporate users or other entities which typically hold large amounts of sensitive, valuable data."
The polymorphic malware used its ability to change its "shape" to better evade cybersecurity defenses and continue hijacking new users.
"Enterprises need to consider proactive detection strategies in addition to prevention for these commonplace threats that evade existing anti-malware defenses," said Muddu Sudhakar, CEO of the Caspida cybersecurity firm. "Looking at behaviors of users and machines without rules or signatures can help you locate and eliminate bad stuff that inevitably slips through defenses."