Update: Kaspersky increases warnings of “indestructible” TDL-4 botnet

Update: Kaspersky increases warnings of “indestructible” TDL-4 botnet

Top security expert fears 2008 botnet is dangerously sophisticated, difficult to track and essentially indestructible.

A vicious new botnet dubbed TDL-4, made up of more than 4.5 million infected computers is running wild, according to security firm Kaspersky.

The security specialist has described the botnet as potentially “indestructible.”

The name TDL-4 comes from the fact that it's the fourth iteration of this particular botnet since it arrived in 2008. Kaspersky says its creators have significantly improved the TDL botnet this time round and the 4.5 million affected computers are all believed to have been infected in the first three months of this year.

“The malware detected by Kaspersky Anti-Virus as TDSS is the most sophisticated threat today,” said Sergey Golovanov and Igor Soumenkov, researchers at Kaspersky Labs.

The powerful rootkit used by TDL’s developers means it can conceal the presence of malware on a system, according to the researchers. It has also been setup to resist attempts to remove it from infected machines and to eliminate competing malware.

Peer-to-peer networking techniques have been used, meaning the botnet is difficult to track. Furthermore, if its control servers were seized or shut down the group responsible could still keep it running.

“The owners of TDL are essentially trying to create an ‘indestructible’ botnet that is protected against attacks, competitors, and antivirus companies,” the researchers added.

Kaspersky Labs revealed that TDL is now spread by affiliates – a network of rogue “adult content sites, bootleg websites, and video and file storage services.”

Affiliate programs from these sites use a client which makes operating system checks and then downloads TDL-4 to the computer.

“Affiliates receive between $20 to $200 for every 1,000 installations of TDL, depending on the location of the victim computer,” Kaspersky added.

At present, the majority of the TDL-4 botnet is on machines located in the US.

This article originally appeared at itpro.co.uk

Source: Copyright © ITPro, Dennis Publishing

See more about:  kaspersky  |  warns
 
 

Readers of this article also read...

Microsoft reveals Windows 10 preview has a keylogger 

Microsoft reveals Windows 10 preview has a keylogger

 
Seagate drive teardown 

Seagate drive teardown

 
Microsoft's redemption: DirectX 12 

Microsoft's redemption: DirectX 12

 
30 best FPS games ever 

30 best FPS games ever

 
30 great - and free! - Android games 

30 great - and free! - Android games

 

Latest Comments

Latest Poll

What PC component are you planning to upgrade in the next six months










Ads by Google

From our Partners

PC & Tech Authority Downloads