It appears you have not yet registered with our community. To register please click here...

Go Back [M] > Madshrimps > WebNews
4 million strong Alureon P2P botnet "practically indestructible" 4 million strong Alureon P2P botnet "practically indestructible"
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read

4 million strong Alureon P2P botnet "practically indestructible"
Thread Tools
Old 4th July 2011, 19:16   #1
jmke's Avatar
Join Date: May 2002
Location: 7090/Belgium
Posts: 78,994
jmke has disabled reputation
Default 4 million strong Alureon P2P botnet "practically indestructible"

Researchers at Kaspersky Labs analyzing the 4.5 million-strong Alureon botnet (also known as TDL and TDSS) have branded it "practically indestructible." Law enforcement agencies have had some success recently at disrupting and bringing down botnets, with Coreflood, Rustock, and Waledac all successfully disrupted. The design of TDL's underlying rootkit is going to make similar retaliatory action much harder to pull of.

TDL-4 has been specifically designed to avoid destruction—whether by law-enforcement, anti-virus software, or competing botnets. On installation, TDL-4 will remove other rootkits, an act which both deprives competing operators of income and reduces the chance that the user will notice that their system is behaving strangely and attempt to repair it. The goal of a rootkit is to remain undetected, and that includes noticing that a computer simply isn't behaving correctly.

To make this hiding more effective, the rootkit infects the system's master boot record (MBR), part of a hard disk that contains critical code used to boot the operating system. Infecting the MBR means that the rootkit code is loaded even before the operating system (let alone anti-virus software) can run; it's another move to make the rootkit harder to detect and remove. The software also encrypts all network traffic to prevent eavesdropping or hijacking by other botnet owners.
jmke is offline   Reply With Quote

Similar Threads
Thread Thread Starter Forum Replies Last Post
Newegg Customers Get Empty "Demo" Intel CPU Boxes.. Core i7 "inside"? jmke WebNews 11 9th March 2010 10:53
Server roundup: Intel "Nehalem" Xeon versus AMD "Shanghai" Opteron jmke WebNews 0 4th May 2009 16:52
DUH news of today: Intel "Pentium" still stronger brand name than "Core" jmke WebNews 1 19th March 2009 19:15
DHL "lost" 21,600 Xbox 360 consoles: Microsoft seeks more than $2 million in damages jmke WebNews 3 15th October 2008 21:54
Intel launches "Tigerton" quad-core Xeons, new "Caneland" server platform jmke WebNews 0 6th September 2007 09:13
The R520 "Fudo" could have 300 million transistors jmke WebNews 0 2nd September 2004 16:41

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

All times are GMT +1. The time now is 18:32.

Powered by vBulletin® - Copyright ©2000 - 2018, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO