Blue Coat Systems was successful in protecting its 75 million users from the latest attack launched by Shnakule.
Touted to be the largest malware network (malnet) on the Internet, Shnakule was thwarted by Blue Coat through its Blue Coat WebPulse.
Blue Coat Systems, a provider of Web security and WAN optimisation solutions, notes that it was preparing for this attack.
Tracking of the Shnakule infrastructure by Blue Coat Security Labs enabled WebPulse to identify the new threat and this approach can provide similar protection from other harmful cyber attacks.
"As noteworthy as this attack was, it is simply another traffic driver for a well-established malnet, providing further evidence that cyber criminals do not suddenly appear out of the woodwork to launch high profile attacks," said Dr. Tim van der Horst, senior malware researcher at Blue Coat Systems.
"The Shnakule infrastructure runs 24x7 and launches new attacks in an effort to infect new victims. WebPulse tracks malnet infrastructures to protect its users independently of the traffic-driving method du jour."
Collaborative defence provided through WebPulse enables Blue Coat to track more than 500 malnets and block access to the infrastructure that is used to serve new attacks.
The Shnakule malnet attack host was one of many malicious sites on a server that WebPulse had already categorised and blocked as a malware host. This proactive approach protected users from the attack that launched three days later.
Elaborating further on the attack episode, Blue Coat notes that the Shnakule network averages around 2,000 unique host names per day with as many as 5,708 in a single day. Although this network has traditionally been active with fake anti-virus attacks conducted via search engine poisoning, it has lately expanded into new types of attacks.
Blue Coat's WebPulse service logs more than 21,000 requests into that malnet on an average day. The malnet launched a malvertising attack in July 2011 and according to Blue Coat, it logged 15,000 user requests related to that attack.
Sign up for Computerworld eNewsletters.