Researchers Find Seemingly Indestructible Botnet

Sue Marquette Poremba

The title of a recent article, "Security Researchers Discover the Mother of All Botnets," piqued my interest. You see a title like that and how can you not look, right? But a botnet worse than Zeus? Or worse than Stuxnet or Rustock? A botnet so bad that you call it the "Mother of All Botnets"? Yikes.


This is what had to say:

A new strain of the TDSS malware has been pegged as "the most sophisticated threat" to computer security in the world today by a Kaspersky Labs researcher and is being used to slave more than 4.5 million PCs in a massive botnet that's equipped with an "anti-virus" to prevent other bot-creating viruses from taking it over.

Called "TDL-4," it is considered by Kaspersky Labs and other security researchers to be seemingly indestructible.

According to a Computerworld article, Kaspersky Labs researcher Sergey Golovanov said:

For one thing, said Golovanov, TDL-4 infects the MBR, or master boot record, of the PC with a rootkit -- malware that hides by subverting the operating system. The master boot record is the first sector -- sector 0 -- of the hard drive, where code is stored to bootstrap the operating system after the computer's BIOS does its start-up checks.

The botnet targets Windows PCs, and according to a BBC article, 4.5 million PCs have been infected over the past 3 months, since TDL-4 arrived. The BBC article added:

The TDL virus spreads via booby-trapped websites and infects a machine by exploiting unpatched vulnerabilities. The virus has been found lurking on sites offering porn and pirated movies as well as those that let people store video and image files.
