"Indestructible" botnet runs amok
By Chris Taylor
04/07/2011
Security researchers at Kapersky Lab have release details of a seemingly "indestructible" botnet.
TDL-4 is the fourth generation of the botnet, which attempts to riddle a vulnerable computer with malware before the operating system (OS) boots.
Once infected, cyber criminals can "manipulate adware and search engines, provide anonymous Internet access, and act as a launch pad for other malware," Kapersky revealed in a blog post.
Virus writers have made each iteration of the malware harder to detect, burying it deeper and deeper within the OS.
As with any new virus or malware, patch management software is highly recommended as line of first defense to ensure that computer systems are up-to-date and ready to combat attacks.
Explaining the sophistication of TDL-4, Kaspersky wrote: "The malware writers extended the program functionality, changed the algorithm used to encrypt the communication protocol between bots and the botnet command and control servers, and attempted to ensure they had access to infected computers even in cases where the botnet control centers are shut down.
"The owners of TDL are essentially trying to create an 'indestructible' botnet that is protected against attacks, competitors, and antivirus companies," it added.
CNet News cited the scale of infection across the world. They noted that 28 per cent of all infected TDL-4 computers are in the U.S. India and Indonesia infection rates stand at 7 per cent, while somewhere between 3 and 5 per cent of computers in the U.K., Italy, France, and other countries are infected with TDL-4.
Collectively, more than 4.5 million computers were infected with TDL-4 in the first three months of 2011 alone.
