Indestructible Cyber Threat (Part 2)

Privacy and Surveillance

Indestructible Cyber Threat (Part 2)

Previous

Contents

Next

Louie Brown

It has been detected that the victims are spread worldwide where the largest number of victims are, 28% in the US but significant numbers are in India (7%) and the UK (5%) while smaller numbers, 3%, are found in France, Germany and Canada.

Researchers believe that it is the way the botnet operates that makes it so hard to tackle and shut down. The virus installs itself in a system file known as the master boot record, a file the holds the list of instructions when a computer starts. It is a good place to hide because it is rarely scanned by most standard anti-virus programs available in the market.

The makers of the latest version of TDL made up their own encryption system to protect communication to those who are controlling the botnet. This makes it hard to do any significant analysis of traffic between hijacked PCs and the botnet's controllers. TDL-4 also sends out instructions to infected machines using a public peer-to-peer network rather than centralized command systems. This hardens the analysis because it removes the need for command servers that regularly communicate with infected machines, making it harder to find the location of the controller.

"For all intents and purposes, [TDL-4] is very tough to remove," said Joe Stewart, director of malware research at Dell SecureWorks to Computerworld. "It's definitely one of the most sophisticated botnets out there."

But the sophistication of TDL-4 might aid in its downfall, according to the Kaspersky researchers who found bugs in the virus’ complex code. This let them pry on databases logging how many infections TDL-4 had racked up and was aiding their investigation into its creators.

You can talk about... Indestructible Cyber Threat (Part 2)

Tags: • cyber threat •

• Indestructible Cyber Threat (cyber crime)

Previous

Contents

Next

Privacy & DMCA Policy -- Sitemap
cyber crime Indestructible Cyber Threat (Part 2)