The National Cyber Security Centre in the control of the Dorifel-virus outbreak about sixty domain names addressed. Also, ten notice-and-takedown-requests sent to servers located in Austria, USA, Vietnam and Russia.
Reports that minister of Security and Justice Ivo Opstelten in response to parliamentary Questions. According to Opstelten, the National Cyber Security Centre the Dorifel outbreak under control know how to get by active domain names to block, or to lead. There are about sixty domain names addressed. To server administrators in Austria, USA, Vietnam and Russia are notice-and-takedown-requests sent to command & control servers behind the Citadel botnet from the air. Furthermore, a Dutch isp has several ip addresses blocked that were used for the malware to spread.
The ministry reports that of thirty organizations known to be affected by Dorifel, but that the likely number significantly higher, as many institutions and companies here no publicity to want to give. The minister further writes that from the exposed log data of the malware shows that there are approximately 3,500 systems have been infected with Dorifel, of which 90 percent in the Netherlands. According to Opstelten, are Windows-based computers from both the business sector and the government affected, probably in a proportionate ratio.
Dorifel is expected in the coming weeks here and there be found, because the administrators of the Citadel botnet would attempt the infrastructure to recover. Further, would the minister not say whether the people behind the Citadel botnet caught because of the police investigation is still ongoing.
The questions were by various own parliament set as a result of the Dorifel-virus outbreak. The malware did in August, the networks of various government organizations and public institutions to disrupt. The virus encrypted Word and Excel documents on network shares, and changed the file extension of the documents ‘.scr’, the Windows file extension for screen savers. The malware was not initially made by the anti-virus scanners recognized.