Super Bot

Posted on June 30, 2011 by Killian Bundy

This sure looks like a nasty piece of work.

Massive botnet ‘indestructible,’ say researchers

A new and improved botnet that has infected more than four million PCs is “practically indestructible,” security researchers say.

“TDL-4,” the name for both the bot Trojan that infects machines and the ensuing collection of compromised computers, is “the most sophisticated threat today,” said Kaspersky Labs researcher Sergey Golovanov in a detailed analysis Monday.

“[TDL-4] is practically indestructible,” Golovanov said.

. . .

TDL-4 infects the MBR, or master boot record, of the PC with a rootkit — malware that hides by subverting the operating system. The master boot record is the first sector — sector 0 — of the hard drive, where code is stored to bootstrap the operating system after the computer’s BIOS does its start-up checks.

Because TDL-4 installs its rootkit on the MBR, it is invisible to both the operating system and more, importantly, security software designed to sniff out malicious code.

But that’s not TDL-4’s secret weapon.

What makes the botnet indestructible is the combination of its advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by command-and-control (C&C) servers.

See also:
TDL4 – Top Bot
Sophisticated TDL-4 Botnet Has 4.5 Million Infected Zombies
‘Indestructible’ rootkit enslaves 4.5m PCs in 3 months
TDL-4 creates 4.5 million PC ‘indestructible’ botnet
Security Researchers Discover the Mother of All Botnets
TDL-4: The ‘indestructible’ botnet?
There’s a Botnet Called TDL-4 That’s Virtually Indestructable
‘Indestructible’ Botnet Enslaves 4.5 Million PCs
‘Indestructible’ Zombie PC Botnet Borrows Exploit From Israeli, U.S. Cyberweapon
Have cybercriminals created the perfect botnet — undetectable and indestructible?

If you ever needed a reason and reminder to keep your operating system, anti-virus, and anti-spywware software patched and up to date, this would be a good one.

/remember, if you’re not part of the solution, you’re potentially part of the problem

Filed under: Blog Entry | Tagged: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , | 3 Comments »

He’s Fallen And Let’s Hope He Can’t Get up

Posted on May 31, 2010 by Killian Bundy

The Obama Administration is claiming to have killed another top level terrorist. Hopefully, unlike the last terrorist leader they claimed to have killed, this one will stay dead.

May he continue to rest in pieces.

U.S. believes it has killed al Qaeda’s No. 3 man

The U.S. government believes it has killed al Qaeda’s chief operating officer, an Egyptian named Mustafa Abu al-Yazid who is also known Sheikh Sa’id al-Masri and also Sheikh Said.

A U.S. counterterrorism official in a position to know said the al Qaeda leader served as a conduit between al Qaeda’s top two leaders — Osama bin Laden and Ayman al-Zawahiri — and the organization’s various affiliates around the world. Sheik Said was indirectly in contact with Najibullah Zazi, the Afghan immigrant and airport shuttle driver who was arrested and charged last year for plotting to detonate explosives in New York, according to an Associated Press story from October.

“Word is spreading in extremist circles of the death of Sheikh Sa’id al-Masri, widely viewed as the number three figure in al Qaeda,” a U.S. counterterrorism official said. “We have strong reason to believe that’s true, and that al-Masri was killed recently in Pakistan’s tribal areas. In terms of counterterrorism, this would be a big victory. “Al-Masri was the group’s chief operating officer, with a hand in everything from finances to operational planning. He was also the organization’s prime conduit to Bin Ladin and Zawahiri. He was key to al Qaeda’s command and control,” the official said

Bill Roggio, the editor of the Long War Journal, reported Monday night that al-Yazid was killed in a drone strike from May 21 that at the time was believed to kill 10 militants.

See also:
Drone strike reportedly killed Al Qaeda No. 3 Mustafa Abu al-Yazid
Daily brief: drone reportedly kills Qaeda no. 3
Third-Ranking al-Qaida Leader Killed in Pakistan
Al-Qaeda No.3 Yazid killed
AP source: US thinks No. 3 al-Qaida official dead
Al-Qa’ida’s No 3 Sheik Said al-Masri killed in drone strike
US strike reportedly kills top Al Qaeda leader
No. 3 al-Qaeda commander killed during military surge in Afghanistan
Islamic site: Al-Qaida’s third in command killed
Strike Is Said to Kill a Top Qaeda Leader
Al-Qaida’s No. 3, Sheikh Al-Masri, Reportedly Killed
Al Qaeda No. 3 believed killed
US officials say AL Qaeda number 3 dead in Pakistan tribal region
Senior al-Qaeda leader Mustafa Abu al-Yazid Killed in a missile strike
Pakistani intelligence officials say U.S. missile strike killed al-Yazid
Qaeda says top leader Yazid dead: monitors

So, it seems that Sa’id al-Masri was practically Osama bin Laden’s personal assistant, his right hand man, as close as close can be.

/if we can find and kill al-Masri, why can’t we find and kill bin Laden?

Filed under: Blog Entry | Tagged: , , , , , , , , , , , , , , , , , , , , , , | Leave a comment »