BredoLabs is the name of both a trojan horse program and the largest botnet ever discovered. The botnet has been broken up, for the most part, but variations of the trojan are still infecting computers around the globe.
A botnet is a network of compromised computers that hackers use for a variety of nefarious purposes. The BredoLab botnet was used for one of the most common and profitable schemes, mass email spamming. Have you ever had an email account that you had to close down because it was so full of junk email? Have you ever wondered where so many emails come from?
In many cases a botnet is the answer, and BredoLabs proves how big a problem botnets can become. At its peak it is estimated that the BredoLab network consisted of 30 million computers, controlled without the users' consent and usually without their knowledge. BredoLabs was sending as many as 3 billion junk and infected emails per month! That is a lot of advertisements for Viagra knockoffs or cures for baldness!
How exactly did this work?
The BredoLab operation was essentially the same as for most botnets. The BredoLab hackers infected innocent web sites with their trojan. Most people infected were tricked into clicking on a link in an email that led to an infected site, and the BredoLab trojan horse program was downloaded onto their computer.
The BredoLab trojan is one of the more effective ever distributed. While other hackers have used variations of BredoLab for other purposes, in this case it downloaded and installed the software necessary to take control of the computer. It also installed software to steal user IDs and passwords to compromise other networks and web sites. The infected computers were controlled by 170 BredoLabs servers, located mostly in Russia and Armenia.
Crime pays, until it doesn’t
The BredoLab botnet proved exactly how profitable spam email can be. When the network was uncovered and eventually taken down in 2010, BredoLabs was earning over $100,000 per month, including from charging others to distribute spam email and malware through the network.
In October 2010 Dutch law enforcement authorities announced that they had wrested control of 143 of the servers. This was the beginning of the end of the party for BredoLabs' creator, Georg Avanesov, a Russian citizen of Armenian descent.
Simply disconnecting and seizing the BredoLabs servers would not guarantee that Avanesov and company could not recreate the network by directing the infected computers to new servers. To prevent that, the Dutch Police did a little fighting fire with fire. They “infected” the computers on the BredoLabs botnet with a program that, when users opened their browser, redirected them to a government website with instructions on how to remove BredoLab.
Avanesov was arrested shortly after the botnet was taken down. He admitted to creating the BredoLab Trojan, but claimed others used it to build the botnet. He was convicted earlier this year in an Armenian court and sentenced to 4 years in prison.
I have to wonder if 4 years is enough of a sentence to deter such crimes, given their enormous profitability. Avanesov is only 29 years old and will be young enough to still enjoy any ill-gotten gains he has hidden. Of course, he will also be tempted to try again!
Protecting ourselves from becoming a victim of the Avanesovs of this world is a never-ending battle. There are still portions of the BredoLab network functioning and variations of the trojan circulating around the internet. Not to mention all of the other criminal schemes threatening anyone who connects to a network.
You can start with never clicking on a link in an email unless you are absolutely sure where the email came from. That is easier said than done. A lot of malicious emails look very legit. I often right-click on addresses and link text to check the real address!
Of course, you should make sure that all of your computers and your network servers are using aggressive antivirus and firewall systems. That may seem too obvious to mention, but most network breaches occur because not all network devices are protected. That is particularly true for Point of Sale machines, which are not old-fashioned cash registers these days. POS systems need to be treated like any other connected device to keep a network safe.
You are only as secure as your weakest link!