Super Bot

This sure looks like a nasty piece of work.

Massive botnet ‘indestructible,’ say researchers

A new and improved botnet that has infected more than four million PCs is “practically indestructible,” security researchers say.

“TDL-4,” the name for both the bot Trojan that infects machines and the ensuing collection of compromised computers, is “the most sophisticated threat today,” said Kaspersky Labs researcher Sergey Golovanov in a detailed analysis Monday.

“[TDL-4] is practically indestructible,” Golovanov said.

. . .

TDL-4 infects the MBR, or master boot record, of the PC with a rootkit — malware that hides by subverting the operating system. The master boot record is the first sector — sector 0 — of the hard drive, where code is stored to bootstrap the operating system after the computer’s BIOS does its start-up checks.

Because TDL-4 installs its rootkit on the MBR, it is invisible to both the operating system and, more importantly, security software designed to sniff out malicious code.

But that’s not TDL-4’s secret weapon.

What makes the botnet indestructible is the combination of its advanced encryption and the use of a public peer-to-peer (P2P) network for the instructions issued to the malware by command-and-control (C&C) servers.

See also:
TDL4 – Top Bot
Sophisticated TDL-4 Botnet Has 4.5 Million Infected Zombies
‘Indestructible’ rootkit enslaves 4.5m PCs in 3 months
TDL-4 creates 4.5 million PC ‘indestructible’ botnet
Security Researchers Discover the Mother of All Botnets
TDL-4: The ‘indestructible’ botnet?
There’s a Botnet Called TDL-4 That’s Virtually Indestructable
‘Indestructible’ Botnet Enslaves 4.5 Million PCs
‘Indestructible’ Zombie PC Botnet Borrows Exploit From Israeli, U.S. Cyberweapon
Have cybercriminals created the perfect botnet — undetectable and indestructible?

If you ever needed a reason and reminder to keep your operating system, anti-virus, and anti-spyware software patched and up to date, this would be a good one.

/remember, if you’re not part of the solution, you’re potentially part of the problem
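Since the quoted article places the rootkit in sector 0 and says it is invisible to the running operating system, a defender's check of the MBR has to work on a copy of that sector read from outside the installed OS (for example from rescue media). The sketch below is an added example, not code from the article or from Kaspersky: it parses a 512-byte MBR image and compares its bootstrap code against a known-good baseline. The function names and the sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440        # bytes 0-439: bootstrap code (440-443 hold the disk signature)
PART_TABLE_OFFSET = 446    # four 16-byte partition entries follow
BOOT_SIGNATURE = b"\x55\xaa"  # last two bytes of a valid MBR


def parse_mbr(sector: bytes) -> dict:
    """Split sector 0 into a boot-code hash, partition entries and a signature check."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    partitions = []
    for i in range(4):
        start = PART_TABLE_OFFSET + 16 * i
        # status, CHS start (skipped), type, CHS end (skipped), LBA start, sector count
        status, ptype, lba_start, sectors = struct.unpack(
            "<B3xB3xII", sector[start:start + 16])
        if ptype != 0:  # type 0 marks an unused slot
            partitions.append({"active": status == 0x80, "type": ptype,
                               "lba_start": lba_start, "sectors": sectors})
    return {
        "valid_signature": sector[510:512] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "partitions": partitions,
    }


def boot_code_changed(baseline: bytes, current: bytes) -> bool:
    """True when the bootstrap code differs from the known-good baseline sector."""
    return (parse_mbr(baseline)["boot_code_sha256"]
            != parse_mbr(current)["boot_code_sha256"])


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector: the given boot code plus one active type-0x07 partition."""
    code = boot_code.ljust(PART_TABLE_OFFSET, b"\x00")
    entry = struct.pack("<B3xB3xII", 0x80, 0x07, 2048, 204800)
    return code + entry + bytes(48) + BOOT_SIGNATURE


# Constructed inputs: a baseline sector and one whose boot code bytes differ.
BASELINE = build_sample_mbr(b"\xfa\x33\xc0" + b"\x90" * 64)
ALTERED = build_sample_mbr(b"\xfa\x33\xc0" + b"\xcc" * 64)

if __name__ == "__main__":
    print(parse_mbr(BASELINE)["partitions"])
    print("boot code changed:", boot_code_changed(BASELINE, ALTERED))
```

The comparison is only as trustworthy as the baseline, so the baseline sector should be captured while the machine is known to be clean and stored off the disk it describes.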


Oops, They Did It Again!

Despite having nearly an entire month to get their act together, Sony’s apparently still wearing their security pants down around their ankles.

Sony Hacked Yet Again

Hard as it may be to believe, Sony has been hacked yet again.

According to a report in the Wall Street Journal, So-net Entertainment Corp., a Japanese ISP owned by the technology giant, said that hackers accessed its customer rewards site earlier this week and stole customers’ redeemable gift points worth about $1,225.

The incident is the latest in a weeks-long string of hacks and breaches of security for Sony. The trouble began on April 19, when the company began investigating and ultimately discovered a massive breach of security on its PlayStation Network, a cyberscandal that compromised the personal information of more than 100 million users.

See also:
Sony’s Security Nightmare Not Over, Hacked Again
Fresh security glitch adds to Sony’s woes
Sony hit again with two hacks
Sony hacked twice in one day, this time $1225 was stolen from accounts in Japan
Sony subsidiary So-net reports data breach
Yep, Looks Like Sony’s Been Hacked Again
Sony Faces Another Hack Attack
Sony hacked again
Sony Hacked Again, Server Hosting Credit Card Phishing Site
Do You Own A Sony HackStation?

And if all this hacking wasn’t bad enough . . .

Sony Can’t Guarantee PlayStation Network Security

Sony CEO Howard Stringer says he cannot guarantee the security of his company’s videogame network. . . . maintaining security is a “never-ending process,” and he cannot say that anyone is “100 percent secure.”

/not exactly confidence inspiring, I’ll be taking a pass on Sony products for the foreseeable future