English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Differently Structured Botnets Cooperate for Better Survival of Malware

Information collected about 'Kneber' (a recently found botnet) reveals an interesting phenomenon. If a computer is infected several times with different malware, then the infections can join up to develop an advanced mechanism that will improve the survival rate of all malware.

Kneber has a gigantic size. Its total zombie PCs count to some 74,000 and are located in 2,400 organizations. Indeed, this sheer magnitude of the network has drawn the industry attention following Kneber's discovery. But its method of communication with other botnets indicates that their relationships eventually help each malicious network to be better resilient to dismantling, says Alex Cox, Senior Consultant at NetWitness and Discoverer of Kneber, as reported by ComputerWorld on February 18, 2010.

Kneber was built with the help of a highly prevalent toolkit that assembled bots known as ZeuS. According to security researchers, Kneber is one of the botnets that the toolkit constructed.

Cox further indicated that more than 50% of the compromised computers within Kneber network were infected by other malicious programs that employed varied command-and-control (C&C) structures, as reported by Ecommerce Journal on February 22, 2010. According to Cox, if any one botnet was deactivated, the other was utilized to develop it afresh.

The consultant writes in his assessment of Kneber that minimum 2 different botnets having separate C&C structures are capable of providing tolerance of fault and recoverability in case one C&C infrastructure is deactivated.

In Kneber's instance, over 50% of the bots were infected by two botnets - 'Waledac' and 'ZeuS.' Although Cox isn't sure if they're joined up in operation, he isn't ruling out a possibility. In case the ZeuS C&C mechanism is disabled, ZeuS botnet's owner could contact Waledac's operator and pay to get his botnet provide an upgraded ZeuS, which will bring back ZeuS bots that will take commands from a fresh computer server.

Furthermore, the fact that Waledac and ZeuS coexist, it suggests that they've common objectives of resistance and survival along with potential and more intense cross-crew co-operation within the secretive world of cyber-crime.

» SPAMfighter News - 04-03-2010

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>