4 million strong Alureon P2P botnet “practically indestructible”

Botnets are becoming quite competitive, with designers now working to remove competing bots on machines they are trying to infect.

Please do the needful – practice safe browsing, and keep your computer clean.

TDL-4 has been specifically designed to avoid destruction—whether by law-enforcement, anti-virus software, or competing botnets. On installation, TDL-4 will remove other rootkits, an act which both deprives competing operators of income and reduces the chance that the user will notice that their system is behaving strangely and attempt to repair it. The goal of a rootkit is to remain undetected, and that includes noticing that a computer simply isn’t behaving correctly.

[…]

The most significant feature, however, is the inclusion of peer-to-peer technology in the latest version of the botnet’s code. The rootkit uses the Kad peer-to-peer network, used by filesharing software eMule, to communicate between nodes. Using Kad, the botnet creates its own network of infected computers, allowing the machines to communicate with each other without relying on a central server.

via 4 million strong Alureon P2P botnet “practically indestructible”.
