New Malicious Methods Keep Malware Communicating with C&C Server
Online criminals are devising fresh methods of setting up communication between their malicious software and remote command-and-control (C&C) servers, warn researchers from security company Symantec. The researchers discovered that the crooks have begun to use the Sender Policy Framework (SPF) to keep the malware reliably connected with those servers.
SPF is an e-mail authentication system that lets administrators stop junk e-mail from reaching inboxes. It works through Domain Name System (DNS) queries and replies: when a DNS server used for sending e-mail employs SPF, the DNS reply carries an SPF validation that is specific to each genuine website.
Explaining the problem further, Takashi Katsuki, Security Researcher at Symantec, said that a DNS query lets the creators of malicious software obtain IP addresses or domains from within SPF, while that DNS query need not come directly from the PC. Normally, a local DNS server is used as a DNS cache server, and this cache server can send the query instead of the PC, Katsuki said. Softpedia.com published this on January 26, 2013.
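To illustrate the defensive side of Katsuki's point, the following Python code is an added example (not from Symantec or the original article) that parses SPF TXT answers in resolver logs and flags those delivered to clients that are not mail servers. Resolver-side logs are used because, as noted above, the upstream query comes from the cache server rather than the PC; the log format, addresses, domain names and the MAIL_SERVERS allowlist are constructed assumptions.

```python
import ipaddress

# Constructed resolver log (not from the article): client, query type, name, answer.
SAMPLE_LOG = """\
10.0.0.25 TXT example.org "v=spf1 ip4:192.0.2.10 include:_spf.example.net -all"
10.0.3.77 TXT update.example.com "v=spf1 ip4:203.0.113.45 a:cdn.example.test ~all"
10.0.3.77 A www.example.org "198.51.100.7"
10.0.3.80 TXT example.org "google-site-verification=abc123"
"""

MAIL_SERVERS = {"10.0.0.25"}  # assumption: hosts that legitimately validate SPF


def parse_spf(txt):
    """Return the IPs and domains carried in an SPF record, or None if not SPF."""
    terms = txt.strip().strip('"').split()
    if not terms or terms[0].lower() != "v=spf1":
        return None
    found = {"ips": [], "domains": []}
    for term in terms[1:]:
        term = term.lstrip("+-~?")  # drop the qualifier (pass/fail/softfail/neutral)
        if term.lower().startswith("redirect="):
            found["domains"].append(term.split("=", 1)[1])
            continue
        name, _, value = term.partition(":")
        name = name.lower()
        if name in ("ip4", "ip6") and value:
            try:
                found["ips"].append(str(ipaddress.ip_network(value, strict=False)))
            except ValueError:
                found["ips"].append(value)  # malformed: keep raw for the analyst
        elif name in ("a", "mx", "include", "exists", "ptr") and value:
            found["domains"].append(value.split("/")[0])  # strip any CIDR suffix
    return found


def suspicious_spf_lookups(log_text, mail_servers=MAIL_SERVERS):
    """Flag SPF answers delivered to clients that are not known mail servers."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split(None, 3)
        if len(parts) != 4 or parts[1] != "TXT":
            continue
        client, _, qname, answer = parts
        spf = parse_spf(answer)
        if spf is not None and client not in mail_servers:
            hits.append((client, qname, spf["ips"], spf["domains"]))
    return hits
```

The flagged tuples give an analyst the addresses and domains that were delivered inside the SPF reply, which can then be checked against proxy or firewall logs for the same client.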
Notably, the HTML code produced 'malvertisements', so the attackers earned revenue by getting victims to click on them.
Ultimately, to keep users' computers free from the Spachanel Trojan, all current software patches must be deployed and AV solutions kept up to date, Symantec concludes.
» SPAMfighter News - 31-01-2013