06-07-11, 19:26   #1
Ladybbird
WARNING- The 'Indestructible' Botnet Infection - CRIMINALS

TDL-4: The 'Indestructible' Botnet?


Security researchers at Kaspersky Lab have detailed a new botnet--a collection of infected computers controlled by cybercriminals--called TDL-4, that might just be "indestructible."

TDL-4 gets its name by being the fourth generation of the botnet. In 2008, the original TDL appeared. It has been altered over the last several years. With TDL-4, Kaspersky has found, the malware creators have drastically improved the botnet over its predecessors.

"The malware writers extended the program functionality, changed the algorithm used to encrypt the communication protocol between bots and the botnet command and control servers, and attempted to ensure they had access to infected computers even in cases where the botnet control centers are shut down," Kaspersky wrote on its SecureList blog earlier this week. "The owners of TDL are essentially trying to create an 'indestructible' botnet that is protected against attacks, competitors, and antivirus companies."

Central to TDL-4's updates is an improved algorithm that encrypts communications between infected computers and the botnet's command. According to Kaspersky, TDL-4 creates an identifier known as "bsh parameter" that "acts as one of the encryption keys for subsequent connections to the command and control server." Once a request between command and the computer is activated, it's transmitted over an HTTPS connection. According to Kaspersky, that system helps the botnet "run smoothly" and, at the same time, stops anyone else from trying to take control over it.

Global distribution of TDL-4 infections. According to the country codes to the right, the U.S., India, Indonesia, and Great Britain are tops in infections, according to Kaspersky.
(Credit: Kaspersky Lab)

To help safeguard itself from removal, TDL-4 infects a computer's master boot record, thus allowing it to run before the operating system starts up, and keep it away from the prying eyes of anti-malware programs. What's more, the botnet deletes other malicious files that might get caught by security tools and tip users to TDL-4 running on their computers. In their place, TDL-4 has downloaded about 30 malicious programs on infected computers, including "fake anti-virus programs, adware, and the Pushdo spambot," Kaspersky says.

According to Kaspersky, the botnet also uses peer-to-peer network Kad to issue several commands, including searching for new files, publishing files to Kad, and more.

The big upshot of that for TDL-4 creators, Kaspersky says, is that even if "its command and control centers are shut down, the botnet owners will not lose control over infected machines," since they'll still be able to access Kad.

Although Kaspersky believes TDL-4 is practically impenetrable, not everyone is so quick to agree. Writing for InfoWorld today, Roger Grimes, a self-described "24-year veteran of the malware wars," says that there has yet to be a single threat that has been able to hold its ground indefinitely.

"I can safely tell you that no threat has appeared that the antimalware industry and OS vendors did not successfully respond to," Grimes writes. "It may take months or years to kill off something, but eventually the good guys get it right."

He makes a solid point. Last year, Conficker was taken down after wreaking havoc on computers worldwide since 2008. Earlier this month, the FBI announced that it had taken down the Coreflood botnet.

But TDL-4's functionality might just be in a league of its own. As Kaspersky notes, the botnet can "manipulate adware and search engines, provide anonymous Internet access, and act as a launch pad for other malware."

According to Kaspersky, 28 percent of all infected TDL-4 computers are in the U.S. Computers in the U.K., Italy, France, and many other countries are also infected with TDL-4. All told, more than 4.5 million computers were infected with TDL-4 in the first three months of 2011 alone.
