TDL-4 Botnet Controls 4.5M Windows PCs

[Mousey]

You do not have permission to view link Log in or register now.

By Mark Long,


A researcher at security software firm Kaspersky Labs has uncovered a sophisticated botnet threat that already controls more than 4.5 million Windows-based PCs around the world, with nearly one-third of all infected machines located in the United States. Moreover, there is reason to believe that the latest strain of TDSS uncovered this week -- which commands the infected PCs to run malware programs -- will be able to evolve over time.
According to Kaspersky researcher Sergey Golovanov, the new TDSS strain is the most sophisticated cybersecurity threat facing PC users today. It's even designed to delete other malicious programs not associated with the TDSS botnet, to eliminate the competition as well as...

 

[Glunn11]

the latest strain of TDSS uncovered this week -- which commands the infected PCs to run malware programs -- will be able to evolve over time.

That's just crazy. Fantastic post, Mousey. Be careful out there, folks!

 

[luarod]

woah, computer STDs everywhere! but that is the risk of having windows...

 

[vinylweatherman]

How about an evolving PREDATOR, one that users can introduce to their PC "ecosystem" in order to control the population of malwares.

If an evolving "virus" is possible, it should also be possible to create a "predator" program that "eats" only the malware, and nothing else.

This "predator" would have to be delivered by a well trusted source, and users should be made fully aware of only ONE legit source and method of installation, and that ANY alternative claiming to host the software is lying, and probably just another piece of malware.

The problem facing users is that increasing security often renders legitimate services unusable, since they rely on some of the "insecure" features.

Some sites even tell users that in order to use the services offered, they have to LOWER their browser's security settings because they prevent some of the "third party functions" necessary from running.

Online casinos tend to tell us to "disable our firewall and anti-virus" as the FIRST thing to try when a problem with the product is reported. This is a very blunt solution to what is a very specific problem with settings.

Another issue is that good security can be very expensive, and there are so many competing packages that users are too confused to make a decision, so they put it off.

What Microsoft offer is very basic, and they often take some time between a vulnerabilty being discovered, and a patch being released.

PCs running "pirate" versions of Windows don't get access to many of the less important patches, and although this discourages such piracy, it also provides a pool of vulnerable PCs for botnets to infect.

I have also encountered OS bugs that prevent Windows update from working at all, and Microsoft do not offer support for this kind of issue other than "set piece" solutions that are only available to users who know where to look, and how to do such things "manually" from instructions in "knowledge base" articles.