Comments on: From Georgia With Love: Win32/Georbot information stealing trojan and botnet http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/ News, Views, and Insight from the ESET Security Community Mon, 03 Feb 2014 08:49:00 +0000

By: Ilia http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-740 Wed, 31 Oct 2012 22:07:30 +0000 http://blog.eset.com/?p=12135#comment-740 Patric, you are just trying to make people see things in the way you want, can you write any confirmed fact about it, do you know the population of Georgia, or number of Georgians abroad and how many of them could be involved in any cyber actions, can you compare it with the similar numbers of Russia? and by the way the staged "Russian invasion" had nothing in common with cyber crime.
Actually you did not say a word about massive DDoS and Deface throughout 2008 war, which took down most of Georgian government and news web-sites. As I cannot post links, please search term "russia georgia cyber attack", so you will get a lot of information about it or search and read articles on international journals and websites with following names:
1. Russian Cyber Attack on Georgia, Government Websites Down or Replaced With Fakes
2. Expert: Cyber-attacks on Georgia websites tied to mob, Russian government
3. Russian nationalists waged a cyber war against Georgia. Fighting back is virtually impossible.
4. Georgian websites forced offline in 'cyber war'
5. Georgian Websites Under Attack – Shadowserver Foundation
 

By: David Harley http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-739 Sun, 28 Oct 2012 07:23:43 +0000 http://blog.eset.com/?p=12135#comment-739 Actually it was Righard who drew my attention to it. :)

By: Zurab Akhvlediani http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-738 Sat, 27 Oct 2012 23:28:41 +0000 http://blog.eset.com/?p=12135#comment-738 David, Thank you ! :) 

By: David Harley http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-737 Sat, 27 Oct 2012 14:24:47 +0000 http://blog.eset.com/?p=12135#comment-737 Apparently this is the link Zurab wanted to call attention to: http://www.slideshare.net/DataExchangeAgency/cyber-espionage

By: David Harley http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-736 Sat, 27 Oct 2012 14:10:49 +0000 http://blog.eset.com/?p=12135#comment-736 I suspect that Zurab is including one or more URLs, which are stripped automatically from comments.

By: Zurab Akhvlediani http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-735 Fri, 26 Oct 2012 22:58:47 +0000 http://blog.eset.com/?p=12135#comment-735 Hi Mr. Paul
Here we go :)

 
 

By: Paul joyal http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-734 Thu, 25 Oct 2012 13:45:36 +0000 http://blog.eset.com/?p=12135#comment-734 Zurab
I am not following your comment. Please explain 
Paul

By: Zurab Akhvlediani http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-733 Thu, 25 Oct 2012 09:24:43 +0000 http://blog.eset.com/?p=12135#comment-733 More detailed report about Information stealing Trojan. 
Thanks, 
Zurab Akhvlediani .
 

By: Robert Martin http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-732 Fri, 14 Sep 2012 19:47:52 +0000 http://blog.eset.com/?p=12135#comment-732 George, you are probably a supporter of the Georgian government, and it can be seen from the bullshitting you are trying to spread over here. From my Georgian friends, I know that this government is using worse methods of control, than the USSR did in its last years of existence. There is no freedom at all, and OSCE Chief called them "Leninists" recently. I am quite sure that even though the virus seems to be spread by hackers, don't be surprised that these hackers are working on the government of Georgia. That has nothing to do with Russia, this is a clear example of "Brain Police".

By: George http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-731 Thu, 26 Jul 2012 16:46:55 +0000 http://blog.eset.com/?p=12135#comment-731 Patric, are you **** kidding?
What cyber warfare, what forum? Georgia has no such resources and there is nothing done like this, nor any evidence of that. Please show us at least one report or evidence.
Regarding Imedi TV – there was a TV show about that, people, who could join TV not from the start of course could think about that. It's like 9/11 – some people thought that it was a joke or a move at start.

By: David Harley http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-730 Wed, 28 Mar 2012 09:43:06 +0000 http://blog.eset.com/?p=12135#comment-730 I can’t comment on or confirm Patric’s observations, or say whether this ties in with the Georbot attack: I don’t know the area well enough. I do remember the faked Russian invasion, though: http://www.guardian.co.uk/world/2010/mar/14/russia-georgia-fake-invasion-report

By: Patric http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-729 Tue, 27 Mar 2012 15:08:03 +0000 http://blog.eset.com/?p=12135#comment-729  
After Georgian forces had been defeated in August 2008, Mikheil Saakashvili launched active cyber warfare against Russia. As a result, the Georgian security services regularly reported that they "unmasked" Russian spies who were not arrested in exchange for the anti-Russian publications. In 2010, one of the Georgian TV channels even staged a "Russian invasion" in Georgia, provoking panic and heart attacks among people.
Georgia found a successful strategy of cyber warfare involving Georgian students abroad. Their internet forums are under thorough supervision of security services. According to a Georgian youngster studying abroad, during his vacations in Tbilisi one of the security bodies invited him to install the software under the guise of creating a unified social network of Georgian compatriots abroad. It is obvious that an alliance of thousands of remote users in this network can be used to commit hacking attacks.
As a result, Georgian students abroad became an effective instrument of the Georgian leadership to implement hidden cyber attacks on their opponents. This also explains the creation of the Department of Cybersecurity within the Georgian Ministry of Internal Affairs.

By: David Harley http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-728 Fri, 23 Mar 2012 20:11:33 +0000 http://blog.eset.com/?p=12135#comment-728 In fact, Righard did say “This does not automatically mean that the Georgian government is involved. Quite often people are not aware their systems are compromised.” However, it’s misleading to equate infectious web sites with defacement: there are all too many clearly malicious web sites that are put up specifically in order to infect visitors with some form of malicious code. Naturally, we’re not saying that’s the case in this instance.

By: SPEC http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-727 Fri, 23 Mar 2012 19:56:06 +0000 http://blog.eset.com/?p=12135#comment-727 You must Notice, that Georgian Governmental Site was not Command and Control Server, it was one of the Defaced (someone hacked it) websites, with injected scripts. Russian News Websites are spreading Disinformation, that This Botnet was under control of Georgian Government. That's not true (every IT guy knows that Defacing and placing script or Iframe or it is made by Hackers) ;)

By: emobuxuti http://www.welivesecurity.com/2012/03/21/win32georbot-information-stealing-trojan-botnet-from-georgia-with-love/#comment-726 Fri, 23 Mar 2012 07:40:08 +0000 http://blog.eset.com/?p=12135#comment-726 It is interesting. Can you tell us how you gained access to bot web panel??
