
Major Server Ring Distributing Malware Taken Down

May 1, 2018 | June 8th, 2022 | Cybersecurity

Score one for the good guys.  A researcher from BrilliantIT was recently able to figure out how infected computers would connect to EITest’s command and control server, and using that information, was able to bring down their entire network.

If you haven’t heard of EITest before, the true significance of that statement might not be registering.

EITest first appeared in 2011.  In its original incarnation, it was little more than an annoyance.  It was a collection of compromised servers used to direct web traffic to poisoned websites, where the owners could infect unsuspecting users with their homegrown malware.

In 2013, EITest’s owners got savvy, relentlessly grew their network to more than 52,000 compromised machines and started renting their network out to hackers around the world to drive traffic to their poisoned websites. This unleashed a torrent of wildly destructive malware.  Ever since, it’s been a thorn in the side of IT professionals everywhere.

Using the opening BrilliantIT discovered in how infected computers connected to the command and control server, researchers were able to redirect all traffic to a sinkhole, effectively shutting the network down altogether.

Since then, it appears that the hackers made one halfhearted attempt to regain control of their network and then gave up on the idea.

While this is undeniably good news, EITest isn’t the only traffic distribution network on the Dark Web, and even if the hackers have given up on the idea of recovering access to their old network, there’s nothing stopping them from building a whole new one.  That’s not to undercut the significance of the victory here, but rather, merely to point out that it’s a temporary win and reprieve, at best.  They’ll be back.  They always come back.

Good news is rare on the security front, and when it is found, we should all take a moment to celebrate.  Kudos to the team at BrilliantIT!

Jason Manteiga

Jason J. Manteiga, Vice President of Olmec Systems, has been part of the company for over 20 years. He believes that having a great work environment and a supportive team is the ultimate key to success. In his more than 25 years in the IT realm, Jason, along with Olmec Systems, has been on the Inc. 5000 “List of America’s Fastest Growing Private Companies” and Channel Futures MSP 501 “Top Managed Service Providers in North America,” along with other awards and nominations. Jason earned his bachelor's degree in Information Systems from the New Jersey Institute of Technology. He also holds Microsoft MCSE, VMware VCP, and Cisco CCNA certifications. In his spare time, Jason is a contributor for The Center for Social & Legal Research (Privacy Exchange) and a member of the Morris County Chamber of Commerce. His hobbies include cycling and kayaking. He currently lives in New Jersey with his wife, two daughters and son.