Free Republic

Security researchers discover 'indestructible' botnet
BBC ^ | June 30, 2011 | Unknown

Posted on 06/30/2011 6:54:05 AM PDT by decimon

More than four million PCs have been enrolled in a botnet security experts say is almost 'indestructible'.

The botnet, known as TDL, targets Windows PCs and tries hard to avoid detection and even harder to shut down.

Code that hijacks a PC hides in places security software rarely looks and the botnet is controlled using custom-made encryption.

Security researchers said recent botnet shutdowns had made TDL's controllers harden it against investigation.

The 4.5 million PCs have become victims over the last three months following the appearance of the fourth version of the TDL virus.

The changes introduced in TDL-4 made it the "most sophisticated threat today," wrote Kaspersky Labs security researchers Sergey Golovanov and Igor Soumenkov in a detailed analysis of the virus.

"The owners of TDL are essentially trying to create an 'indestructible' botnet that is protected against attacks, competitors, and anti-virus companies," wrote the researchers.

(Excerpt) Read more at bbc.co.uk ...


TOPICS: Computers/Internet
KEYWORDS: microsofttax; tdl; virus

1 posted on 06/30/2011 6:54:06 AM PDT by decimon

To: ShadowAce

Ping


2 posted on 06/30/2011 6:54:34 AM PDT by decimon

To: decimon

June 30, 2011

“Sorry, but the TDL botnet is not ‘indestructible’”

By Roger Grimes

http://www.infoworld.com/t/malware/sorry-the-tdl-botnet-not-indestructible-737

“Malware and alarmism over its proliferation are nothing new — and the latest boot-sector rootkit will be cured soon enough”

“The sophistication of the TDL rootkit and the global expanse of its botnet have many observers worried about the antimalware industry’s ability to respond. Clearly, the TDL malware family is designed to be difficult to detect and remove. Several respected security researchers have gone so far as to say that the TDL botnet, composed of millions of TDL-infected PCs, is ‘practically indestructible.’”

“As a 24-year veteran of the malware wars, I can safely tell you that no threat has appeared that the antimalware industry and OS vendors did not successfully respond to. It may take months or years to kill off something, but eventually the good guys get it right.”

.....


3 posted on 06/30/2011 7:06:24 AM PDT by Texas Fossil (Government, even in its best state is but a necessary evil; in its worst state an intolerable one)

To: decimon

Hmm, guess I have to do my porn searching with Ubuntu ;)

Seriously, people that do porn hunting on the web have a PC death wish.

Doesn’t say if any browser provides more protection than others.


4 posted on 06/30/2011 7:10:16 AM PDT by ChildOfThe60s ( If you can remember the 60s....you weren't really there)

To: decimon

kind of impressive in a lex-luthorish way.


5 posted on 06/30/2011 7:20:29 AM PDT by rokkitapps ( Hearings on healthcare waivers NOW! (If you agree make this your tagline))

To: ChildOfThe60s
Seriously, people that do porn hunting on the web have a PC death wish.

It seems so. Porn and pirate sites.

6 posted on 06/30/2011 7:21:34 AM PDT by decimon

To: ChildOfThe60s

My wife has gotten two of those “Fake Alert” viruses and she was not surfing porn. Shopping sites.


7 posted on 06/30/2011 7:28:35 AM PDT by raybbr (People who still support Obama are either a Marxist or a moron.)

To: decimon

Is this the same one that Microsoft says forget trying to get rid of it and just reinstall your OS?

I guess reinstalling your OS wouldn’t be that big of a deal, except that you have to reinstall all the updates too. Is there a way to save your updates somehow so you don’t have to download all of them again?


8 posted on 06/30/2011 7:36:04 AM PDT by smokingfrog ( sleep with one eye open ( <o> ---)

To: smokingfrog

You can save an image of a new install after all the updates have been applied. Then you just reimage your computer if you have problems.


9 posted on 06/30/2011 7:37:05 AM PDT by Future Snake Eater (Don't stop. Keep moving!)

To: raybbr

Sports sites and their forums seem to trigger hidden malware.


10 posted on 06/30/2011 7:38:58 AM PDT by Hillarys Gate Cult (Those who trade land for peace will end up with neither one.)

To: decimon
Porn and pirate sites.

I've seen research reports that found the most common vector for malware and virus distribution wasn't porn sites, but free game sites geared toward children. They'll click on anything.

11 posted on 06/30/2011 7:42:11 AM PDT by tacticalogic

To: raybbr
My wife has gotten two of those “Fake Alert” viruses and she was not surfing porn.

I got one searching for an instruction manual for an old piece of equipment.

12 posted on 06/30/2011 7:47:04 AM PDT by Ditto (Nov 2, 2010 -- Partial cleaning accomplished. More trash to remove in 2012)

To: Texas Fossil

The black hats are no more talented than the white hats. What can be made can be destroyed.


13 posted on 06/30/2011 7:52:21 AM PDT by antiRepublicrat

To: smokingfrog

Microsoft doesn’t say reinstall the OS. It says restore the MBR and do Recovery. That’s not the same thing.


14 posted on 06/30/2011 7:53:22 AM PDT by FredZarguna (If it can't be fixed with duct tape, it can't be fixed.)

To: FredZarguna

Does Spybot catch this?


15 posted on 06/30/2011 7:55:30 AM PDT by Shady (The numbers do not lie.)

To: smokingfrog

I guess reinstalling your OS wouldn’t be that big of a deal, except that you have to reinstall all the updates too. Is there a way to save your updates somehow so you don’t have to download all of them again?

***

Buy the latest version of the OS.


16 posted on 06/30/2011 8:01:37 AM PDT by ROTB (Sans Christian revival, we are government slaves, or nuked by China/Russia when we revolt.)

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

17 posted on 06/30/2011 8:03:00 AM PDT by ShadowAce (Linux -- The Ultimate Windows Service Pack)

To: raybbr

I keep getting a Norton virus popup. I have long ago erased Norton from my system and anything else Symantec as well. I do not touch the popup but do shut down everything else I have running and do a virus scan using Malwarebytes. It inevitably finds one virus and eliminates it and the Norton popup disappears. That is also what happens when I get the obvious fake virus alerts. I don’t know if it is Norton or a disguise but I don’t use Norton and have to assume anything apparently from Norton is a virus. For a long time I kept getting a MSFT nagger to assent to MSFT inspecting my system and always declined and the MSFT popup would go away. Then one day it didn’t go away and my system files got corrupted. I had all legitimately purchased and licensed software but apparently MSFT got miffed because I wouldn’t give it permission to do what it does anyway. No more MSFT anything for me. So, in my experience both Norton and Microsoft are viruses.


18 posted on 06/30/2011 8:06:20 AM PDT by arthurus (Read Hazlitt's "Economics In One Lesson.")

To: Shady
Does Spybot catch this?

I have Spybot, Malwarebytes, and AVG. They keep me safe from everything but MSFT. Malwarebytes seems to be most proficient at killing the "Virus Alerts."

19 posted on 06/30/2011 8:10:37 AM PDT by arthurus (Read Hazlitt's "Economics In One Lesson.")

To: raybbr

I got hit when I went to the UK Mail from an FR post. A Microsoft tech guy walked me through a rescue. It can happen to anyone. I do now make damn sure my Security Essentials is up to date, and run a scan every day.


20 posted on 06/30/2011 8:12:45 AM PDT by Excellence

