Bamital Botnet-Take Down by Microsoft and Symantec

A click-fraud malware was propagating widely and Symantec announced the takedown of the Bamital botnet in partnership with Microsoft to identify and shutdown the vital components of botnet.

Watch this to understand Bamital–The Clickjacking Trojan (Video) by Symantec

Bamital is a malware designed to hijack search engine results, redirecting clicks on these search results to an attacker controlled command-and-control (C&C) server. The C&C server redirects these search results to websites of the attackers' choosing. Bamital also has the ability to click on advertisements without user interaction. This results in poor user experience when using search engines along with an increased risk of further malware infections.

Bamital also intercepts web browser traffic and prevents access to certain security-related websites by modifying the Hosts file. The local Hosts file overrides the DNS resolution of a website URL to a particular IP address. Malicious software may make modifications to the Hosts file to redirect specified URLs to different IP addresses. Malware often modifies a computer's Hosts file to stop users from accessing websites associated with particular security-related applications (such as antivirus for example). Bamital variants may also modify certain legitimate Windows files in order to execute their payload. Bamital has primarily propagated through drive-by-downloads and maliciously modified files in peer-to-peer (P2P) networks.

In case, if you reach to this page "https://malwarenotice.microsoft.com/" while searching for something else, you are likely infected by Bamital malware. Please read the instructions mentioned properly and act smartly to help yourself.

Many of the leading anti-malware tools available online can help clean this malware from your computer. Free malware removal tools:
Microsoft Safety Scanner - https://support.microsoft.com/botnets
Norton Power Eraser - https://www.norton.com/bamital


To read detailed analysis, please follow:
Symantec
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/trojan_bamital.pdf
http://www.symantec.com/security_response/writeup.jsp?docid=2010-070108-5941-99
http://www.symantec.com/connect/blogs/bamital-bites-dust

Microsoft
http://blogs.technet.com/b/serverandtools/archive/2013/02/07/microsoft-and-symantec-take-down-harmful-bamital-botnet.aspx
http://blogs.technet.com/b/security/archive/2013/02/06/b58-botnet-takedown-crushes-search-hijacking-and-click-fraud-scams.aspx
http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Win32%2fBamital
http://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Trojan%3aWin32%2fBamital
http://blogs.technet.com/b/microsoft_blog/archive/2013/02/06/microsoft-and-symantec-take-down-bamital-botnet-that-hijacks-online-searches.aspx

Year 2038 problem

31st Dec 2036 is the last date for iPhones and Androids phone. No one will be able to see New year of 2037 on their phones. :-) Tested with my own Android device, I am not able to set dates beyond 31st December 2036. :-(
To read more, follow:
http://en.wikipedia.org/wiki/Year_2038_problem
http://www.f-secure.com/weblog/archives/00002489.html