Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Botnet

Massive Botnet "Indestructible," Say Researchers 583

CWmike writes "A new and improved botnet that has infected more than four million PCs is 'practically indestructible,' security researchers say. TDL-4, the name for both the bot Trojan that infects machines and the ensuing collection of compromised computers, is 'the most sophisticated threat today,' said Kaspersky Labs researcher Sergey Golovanov in a detailed analysis on Monday. Others agree. 'I wouldn't say it's perfectly indestructible, but it is pretty much indestructible,' Joe Stewart, director of malware research at Dell SecureWorks and an internationally-known botnet expert, told Computerworld on Wednesday. 'It does a very good job of maintaining itself.' Because TDL-4 installs its rootkit on the MBR, it is invisible to both the operating system and more, importantly, security software designed to sniff out malicious code. But that's not TDL-4's secret weapon. What makes the botnet indestructible is the combination of its advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by command-and-control (C&C) servers. 'The way peer-to-peer is used for TDL-4 will make it extremely hard to take down this botnet,' said Roel Schouwenberg, senior malware researcher at Kaspersky. 'The TDL guys are doing their utmost not to become the next gang to lose their botnet.'"

Slashdot Top Deals

Remember: Silly is a state of Mind, Stupid is a way of Life. -- Dave Butler

Working...