{"id":34571,"date":"2014-04-07T16:37:22","date_gmt":"2014-04-07T23:37:22","guid":{"rendered":"http:\/\/blogs.mcafee.com\/?p=34571"},"modified":"2025-06-08T20:10:29","modified_gmt":"2025-06-09T03:10:29","slug":"zbot-botnet-steals-thousands-credentials","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/","title":{"rendered":"Zbot Botnet Steals Thousands of Credentials"},"content":{"rendered":"

In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following graph shows the total number of Zbot samples submitted to McAfee Labs in recent months.<\/p>\n

\"20140407<\/a><\/p>\n

For a couple of weeks, McAfee Labs has followed a global Zbot campaign, in which payloads have been used to steal credentials. Between the end of March and April 3, the amount of bots connected to the botnet ranged between 26,000 and 41,000.<\/p>\n

 <\/p>\n

Countries Involved<\/b><\/span><\/h2>\n

The following map and table are based on the data of April 2. Only countries with more than 80 bots are highlighted:<\/p>\n

\"20140407<\/a><\/p>\n

\"20140407<\/a><\/p>\n

The top 10 countries infected with the data-stealing malware:<\/p>\n

Country\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 Number of Bots<\/b><\/p>\n

1.\u00a0\u00a0 United Kingdom\u00a0\u00a0\u00a0 6,694<\/p>\n

2.\u00a0\u00a0 India\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 4,820<\/p>\n

3.\u00a0\u00a0 South Africa\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 3,472<\/p>\n

4.\u00a0 \u00a0China\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 1,197<\/p>\n

5.\u00a0\u00a0 Indonesia\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 1,175<\/p>\n

6.\u00a0\u00a0 South Korea\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 1,034<\/p>\n

7.\u00a0\u00a0 Italy\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 1,029<\/p>\n

8.\u00a0\u00a0 United States\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0\u00a0\u00a0 999<\/p>\n

9.\u00a0\u00a0 Malaysia\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0 \u00a0\u00a0 958<\/p>\n

10. Taiwan\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u00a0 \u00a0\u00a0\u00a0 664<\/p>\n

 <\/p>\n

By the Numbers<\/b><\/span><\/p>\n

The statistics in the following botnet control screen show some interesting details around the most targeted CPUs and operating systems.<\/p>\n

The 32-bit CPU architecture is targeted about three times more than 64-bit systems. Windows 7 is the leading operating system, closely followed by Windows XP.<\/p>\n

When we started monitoring the botnet, the average number of bots connected to the botnet was 34,461. Around April 1, the number of bots decreased to 26,836. Immediately thereafter, we saw a successful campaign to update the number of bots, with the botnet reaching 41,820 bots. In the United Kingdom, for example, the number of bots grew by 2,000 to 8,663 infected hosts.<\/p>\n

\"20140407<\/a><\/p>\n

The botnet control server hosted at hxxp:\/\/vodrasit.su was set up around the beginning of March, although the team behind this was not very careful in guarding the root directory of their server:<\/p>\n

\"20140407<\/a><\/p>\n

Jolly Roger<\/span> <\/b><\/p>\n

The malware used to get the bots connected to the control server is called Jolly Roger. This kit has been available on the underground market since October 2013. Security blogger Kafeine offered an excellent overview in his post about this kit.<\/a><\/p>\n

During the botnet campaigns, we found a sample at hxxp:\/\/merdekapalace.com\/jr.exe<\/p>\n

In a forum in March, \u201cSilent Riot\u201d posted an update on Jolly Roger that announced support for hijacking Bitcoin wallets:<\/p>\n

\"20140407<\/a><\/p>\n

On March 13, Silent Riot mentioned a bug and an update:<\/p>\n

\"20140407<\/a><\/p>\n

The malware steals credentials from various programs on a user\u2019s computer. \u00a0The harvesting of credentials can be set up per country or campaign. In this case the botnet harvested data on http\/https, FTP, RDP, email (SMTP\/POP), and certificates:<\/p>\n

\"20140407<\/a><\/p>\n

The preceding overview shows the type of logs available; the count, the number of lines with harvested credentials; and the size of the logs. For example, 153 RDP credentials were harvested during the month\u2019s campaign. That is not the number of unique sites or links; in some cases the same links are harvested multiple times.<\/p>\n

An example of a log file:<\/p>\n

\"20140407<\/a><\/p>\n

During our investigation, we found thousands of leaked social media accounts, webmail, corporate and government email-accounts, RDP sessions into companies, and more. We have reported many of these to CERTs and law enforcement. In one case, a law enforcement agency confirmed that the leaked credentials were already being abused to commit banking fraud.<\/p>\n

The control server is no longer available, but we will keep a close watch on this particular botnet to see if it resurfaces.<\/p>\n

We would like to thank Kafeine in particular for his help, as well as the many CERTs and law enforcement agencies that responded quickly to our investigation and took actions to inform victims.<\/p>\n","protected":false},"excerpt":{"rendered":"

In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples…<\/p>\n","protected":false},"author":653,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[442],"tags":[49,1814,76,32,180],"coauthors":[3576],"class_list":["post-34571","post","type-post","status-publish","format-standard","hentry","category-mcafee-labs","tag-botnet","tag-computer-security","tag-cybercrime","tag-data-protection","tag-malware"],"acf":[],"yoast_head":"\nZbot Botnet Steals Thousands of Credentials | McAfee Blog<\/title>\n<meta name=\"description\" content=\"In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Zbot Botnet Steals Thousands of Credentials | McAfee Blog\" \/>\n<meta property=\"og:description\" content=\"In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/\" \/>\n<meta property=\"og:site_name\" content=\"McAfee Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/McAfee\/\" \/>\n<meta property=\"article:published_time\" content=\"2014-04-07T23:37:22+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-06-09T03:10:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/20140407-Zbot1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"362\" \/>\n\t<meta property=\"og:image:height\" content=\"217\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Christiaan Beek\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ChristiaanBeek\" \/>\n<meta name=\"twitter:site\" content=\"@McAfee\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Christiaan Beek\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/\"},\"author\":{\"name\":\"Christiaan Beek\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/b5594548f9e30297ea54990aff356e79\"},\"headline\":\"Zbot Botnet Steals Thousands of Credentials\",\"datePublished\":\"2014-04-07T23:37:22+00:00\",\"dateModified\":\"2025-06-09T03:10:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/\"},\"wordCount\":574,\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg\",\"keywords\":[\"botnet\",\"computer security\",\"cybercrime\",\"data protection\",\"malware\"],\"articleSection\":[\"McAfee Labs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/\",\"name\":\"Zbot Botnet Steals Thousands of Credentials | McAfee Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg\",\"datePublished\":\"2014-04-07T23:37:22+00:00\",\"dateModified\":\"2025-06-09T03:10:29+00:00\",\"description\":\"In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following\",\"breadcrumb\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage\",\"url\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg\",\"contentUrl\":\"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Blog\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Other Blogs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"McAfee Labs\",\"item\":\"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Zbot Botnet Steals Thousands of Credentials\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#website\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"name\":\"McAfee Blog\",\"description\":\"Internet Security News\",\"publisher\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#organization\",\"name\":\"McAfee\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png\",\"width\":1286,\"height\":336,\"caption\":\"McAfee\"},\"image\":{\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/McAfee\/\",\"https:\/\/x.com\/McAfee\",\"https:\/\/www.linkedin.com\/company\/mcafee\/\",\"https:\/\/www.youtube.com\/McAfee\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/b5594548f9e30297ea54990aff356e79\",\"name\":\"Christiaan Beek\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/09179574bcf76b6304ed08e621f59379\",\"url\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/2-96x96.png\",\"contentUrl\":\"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/2-96x96.png\",\"caption\":\"Christiaan Beek\"},\"description\":\"Christiaan Beek is the Lead Scientist & Sr. Principal Engineer of the Enterprise Office of the CTO. He is leading the strategic threat intelligence research with a focus on inventing new technology, research techniques and models. Visionary and serving leadership is at the core of his day-to-day job, getting the best out of people and collaborate to make the (cyber) world safer and a better place. In previous roles, Beek was Director of Threat Intelligence in McAfee Labs and Director of Incident Response and Forensics at Foundstone, McAfee\u2019s forensic services arm. At Foundstone, he led a team of forensic specialists in Europe, the Middle East, and Africa during major breaches. Beek develops threat intelligence strategy, designs and envision threat intelligence systems and new research techniques. Christiaan speaks regularly at conferences, including BlackHat, RSA, BlueHat and Botconf. Besides contributed to the best-selling security book \\\"Hacking Exposed\\\", he wrote a comic book about Ransomware, is a contributor to the MITRE ATT&CK framework and holds multiple patents.\",\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/christiaanbeek\/\",\"https:\/\/x.com\/ChristiaanBeek\"],\"url\":\"https:\/\/www.mcafee.com\/blogs\/author\/christiaan-beek\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Zbot Botnet Steals Thousands of Credentials | McAfee Blog","description":"In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Zbot Botnet Steals Thousands of Credentials | McAfee Blog","og_description":"In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following","og_url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/","og_site_name":"McAfee Blog","article_publisher":"https:\/\/www.facebook.com\/McAfee\/","article_published_time":"2014-04-07T23:37:22+00:00","article_modified_time":"2025-06-09T03:10:29+00:00","og_image":[{"width":362,"height":217,"url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/20140407-Zbot1.jpg","type":"image\/jpeg"}],"author":"Christiaan Beek","twitter_card":"summary_large_image","twitter_creator":"@ChristiaanBeek","twitter_site":"@McAfee","twitter_misc":{"Written by":"Christiaan Beek","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#article","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/"},"author":{"name":"Christiaan Beek","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/b5594548f9e30297ea54990aff356e79"},"headline":"Zbot Botnet Steals Thousands of Credentials","datePublished":"2014-04-07T23:37:22+00:00","dateModified":"2025-06-09T03:10:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/"},"wordCount":574,"publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage"},"thumbnailUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg","keywords":["botnet","computer security","cybercrime","data protection","malware"],"articleSection":["McAfee Labs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/","url":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/","name":"Zbot Botnet Steals Thousands of Credentials | McAfee Blog","isPartOf":{"@id":"https:\/\/www.mcafee.com\/blogs\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage"},"thumbnailUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg","datePublished":"2014-04-07T23:37:22+00:00","dateModified":"2025-06-09T03:10:29+00:00","description":"In McAfee Labs we keep a close eye on the Zeus\/Zbot\/Gamover botnet malware that is responsible of thousands of samples we gather each day. The following","breadcrumb":{"@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#primaryimage","url":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg","contentUrl":"https:\/\/securingtomorrow.mcafee.com\/wp-content\/uploads\/20140407-Zbot1.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/zbot-botnet-steals-thousands-credentials\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Blog","item":"https:\/\/www.mcafee.com\/blogs\/"},{"@type":"ListItem","position":2,"name":"Other Blogs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/"},{"@type":"ListItem","position":3,"name":"McAfee Labs","item":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/"},{"@type":"ListItem","position":4,"name":"Zbot Botnet Steals Thousands of Credentials"}]},{"@type":"WebSite","@id":"https:\/\/www.mcafee.com\/blogs\/#website","url":"https:\/\/www.mcafee.com\/blogs\/","name":"McAfee Blog","description":"Internet Security News","publisher":{"@id":"https:\/\/www.mcafee.com\/blogs\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.mcafee.com\/blogs\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.mcafee.com\/blogs\/#organization","name":"McAfee","url":"https:\/\/www.mcafee.com\/blogs\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2023\/02\/mcafee-logo.png","width":1286,"height":336,"caption":"McAfee"},"image":{"@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/McAfee\/","https:\/\/x.com\/McAfee","https:\/\/www.linkedin.com\/company\/mcafee\/","https:\/\/www.youtube.com\/McAfee"]},{"@type":"Person","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/b5594548f9e30297ea54990aff356e79","name":"Christiaan Beek","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.mcafee.com\/blogs\/#\/schema\/person\/image\/09179574bcf76b6304ed08e621f59379","url":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/2-96x96.png","contentUrl":"https:\/\/www.mcafee.com\/blogs\/wp-content\/uploads\/2021\/08\/2-96x96.png","caption":"Christiaan Beek"},"description":"Christiaan Beek is the Lead Scientist & Sr. Principal Engineer of the Enterprise Office of the CTO. He is leading the strategic threat intelligence research with a focus on inventing new technology, research techniques and models. Visionary and serving leadership is at the core of his day-to-day job, getting the best out of people and collaborate to make the (cyber) world safer and a better place. In previous roles, Beek was Director of Threat Intelligence in McAfee Labs and Director of Incident Response and Forensics at Foundstone, McAfee\u2019s forensic services arm. At Foundstone, he led a team of forensic specialists in Europe, the Middle East, and Africa during major breaches. Beek develops threat intelligence strategy, designs and envision threat intelligence systems and new research techniques. Christiaan speaks regularly at conferences, including BlackHat, RSA, BlueHat and Botconf. Besides contributed to the best-selling security book \"Hacking Exposed\", he wrote a comic book about Ransomware, is a contributor to the MITRE ATT&CK framework and holds multiple patents.","sameAs":["https:\/\/www.linkedin.com\/in\/christiaanbeek\/","https:\/\/x.com\/ChristiaanBeek"],"url":"https:\/\/www.mcafee.com\/blogs\/author\/christiaan-beek\/"}]}},"_links":{"self":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/34571","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/users\/653"}],"replies":[{"embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/comments?post=34571"}],"version-history":[{"count":3,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/34571\/revisions"}],"predecessor-version":[{"id":215300,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/posts\/34571\/revisions\/215300"}],"wp:attachment":[{"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/media?parent=34571"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/categories?post=34571"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/tags?post=34571"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.mcafee.com\/blogs\/wp-json\/wp\/v2\/coauthors?post=34571"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}