Jolly Roger malware hits SA in a big way

A new botnet has compromised 5,840 users in South Africa, according to information from an industry source.
Routine investigations into botnets, phishing, and other malicious computer network-related operations in South Africa apparently revealed botnet activities associated with the vodrasit.ru domain name.
Naming the botnet “Jolly_Roger”, the source indicated that the activities were detected on 23 March 2014.
The files All.exe and Rok.exe were detected on compromised hosts, and while they are not known malware yet, they were found to be maliciously injecting code into the explorer process of Windows.
According to the source, information harvested by the botnet has already been employed in defrauding credit cards.
Zscaler, an online security provider, wrote about the botnet on its blog on 25 March 2014, saying that its is a variant of Zbot, or the Zeus botnet.
More security news
Catching online pirates in SA using IP addresses
E-toll website security flaws galore
How to stop government from spying on your torrents
Criminals messing up noble IT project in South Africa
New computer virus spreads through Wi-Fi