
Botnet targets scientists, engineers, and academics - jackgavigan
http://www.zdnet.com/article/this-unusual-botnet-targets-scientists-engineers-and-academics/
======
fernly
> Researchers found that three quarters of systems infected with Jaku were
> running an unlicensed version of Microsoft Windows.

Which means, systems that are never updated, so, systems that are vulnerable
to a broad range of attacks, and would likely be part of one botnet or another
in any case.

~~~
JoeAltmaier
To understand what part that has in encouraging infection, we'd have to know
what fraction of uninfected machines were unlicensed?

------
x1798DE
> There are also no instances of Jaku targeting North Korean victims.

Is this unusual? How many computers are there in North Korea, and would you
ever hear about it if they were infected with something?

~~~
chillacy
I think the author was hinting at the culprit:

> "There are indicators that suggest that the author(s) of the malware
> identified are native Korean speakers," Forcepoint researchers said.

However I can still entertain the thought that it could be a false lead
planted by the malware authors. I won't name any 3 letter agencies.

~~~
Joof
South Korea still seems more likely. I'm sure there are computer experts in
the north, but far fewer and they might be better spent elsewhere.

------
joe_the_user
It seems sad and logical that the botnets of the world will gradually be
programmed to loot everything of present or future value.

I have some very non-tech friends who keep an old machine they know is
horribly infected around just to play games. Lots of average folks don't have
the incentive to fight infection and lots of companies equally don't have a
strong incentive to stop it.

------
snowwindwaves
Article doesn't mention how it targets scientists, engineers, and academics.
Maybe it looks for CAD programs installed, MATLAB, or files that would be
generated by those types of programs.

Article says 70% of infections are in South Korea and Japan so it is
definitely geo targeting. 6% of infections are in the US. I wonder if those
are by accident.

------
kusmi
This doesn't surprise me, most of the computers and other equipment in the
research facility I work at are directly hooked up with Ethernet. The
university manages its own IP block but doesn't have any oversight over what
goes on, no firewall. Most of the security is in the router which connects to
the same network students on campus use. I've heard horror stories like the
2nd floor printer which was hijacked and turned into a porn server,
researchers locked out of compromised equipment (worth millions). I spent
months hardening my system and setting up my own local network after my first
Linux box was rooted days after hooking it up (probably hours).

------
beardog
This will be more interesting when there's more info to read on it.

