Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Old Botnet SDBOT Continues to Haunt Users

SDBOT, an old botnet still exists and is stealthily disseminating pay-per-install scams at present, according to a new research paper released on December 11, 2009.

SDBOT is an Internet Relay Chat (IRS) based botnet, which first appeared in 2004. The infections caused by this low-profile botnet usually go unnoticed.

It is noted that giving way to more stealthy and robust botnets that employ peer-to-peer communications or HTTP in order to control infected botnet systems, IRC botnets have gradually been fading. However, botnets like SDBOT, which use IRC, almost silently perform their task, according to Trend Micro.

The security firm said that these bot malware are neither resource hogs nor heavy e-mail spammers. They barely ever interrupt normal computer activities such as Internet browsing; consequently, their victims seldom come to know that their systems have been compromised.

It appears that cybercriminals hire the reach and download ability of this botnet, as per the researchers at Trend Micro. Pay-per-install business model is easy to use, and hence it is increasingly put into practice. To install a malware on infected computers, a botnet owner is paid. For example, to easily push the FAKEAV files to computers, their author pays the SDBOT gang. This gang already possesses an IRC botnet and remotely controls thousands of compromised systems.

Cyber goons either want to increase the number of users they attack or are willing to distribute spammed e-mails to accomplish various other motives. The SDBOT gang has been engaged in dealing with various other business requests like installing CUTWAIL, KOOBFACE, FAKEAV and other variants of malware on their compromised bots for the longest time span, instead of launching their own focused assaults, reveals Trend Micro's report.

Trend Micro also explained the reason as to why SDBOT uses technology. The main reason is that botnets which use IRC have gradually moved out in favor of more sophisticated botnets such as Pushdo, Koobface, Zeus, and Waledac. These high profile botnets are regularly under the researchers' observation.

The best way to avoid becoming a target of botnet and being infected with SDBOT malware is not to click on links which are sent through IM applications. Users must update security applications at regular intervals and also avoid opening unsolicited spam and e-mails.

Related article: Old Widow Fall Victim to E-fraud with Lure of $30 Million Inheritance

ยป SPAMfighter News - 12/23/2009

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page