Wednesday, 29 June 2011 11:37

Kaspersky dubs rootkit a killer

Written by Nick Farell


TDSS, TDL-4 most complex and sophisticated tool
Insecurity experts at Kaspersky Lab have dubbed the latest version of the TDSS malware, TDL-4, the most complex and sophisticated tool in the cybercriminals’ arsenal.

In a statement the outfit said that the powerful rootkit component and other TDL capabilities allow the author to create a botnet made up of millions of personal computers. Kaspersky Lab said that the software has its own encryption method for communication between computers in the botnet and to the command and control servers. It also uses a public peer-to-peer network for sending commands to control infected computers, and adds proxy server functionality, enabling cybercriminals to sell anonymous internet access through infected computers.

Kaspersky Lab experts Sergey Golovanov and Igor Sumenkov warned that changes in TDL-4 have been aimed at building a botnet which is well hidden from competitors and anti-virus companies alike. The changes would also allow access to infected machines even if all the command centres were closed. TDL-4 can now delete around 20 of the most popular competing malware programs on an infected machine, including widespread programs such as Gbot, ZeuS, Optima and others, they said.


Comments  

 
+23 #1 leftiszi 2011-06-29 11:50
Great stuff!

Send it to Sony's CEO email, named "your nude wife pics.exe" and see what happens! :D
 
 
+8 #2 123s 2011-06-29 12:06
Sounds pretty impressive
 
 
+14 #3 nemo9fish 2011-06-29 12:21
Use this bug as anti-virus since it attacks its competitors so well?
 
 
+12 #4 JEskandari 2011-06-29 12:25
Well, it's a good tradeoff.
Infect your PC with this and it cleans
it from 20 other malware.
 
 
+7 #5 B0GiE-uk- 2011-06-29 13:54
Is there a TDSS or TDL-4 detector available? Do the normal av programs pick it up?

I'd like to know to ensure my pc is clean.
 
 
+13 #6 fingerbob69 2011-06-29 13:56
"TDL-4 can now delete around 20 of the most popular competing malware"

So this is actually competing with Kaspersky, Norton et al!

Is it free to download?
 
 
-6 #7 dicobalt 2011-06-29 17:13
Quoting B0GiE-uk-:
Is there a TDSS or TDL-4 detector available? Do the normal av programs pick it up?

I'd like to know to ensure my pc is clean.


Take out the hard drive and scan it with another computer.
 
 
+4 #8 function69 2011-06-29 19:09
"Terminator" doomsday is approaching
 
 
+2 #9 nECrO 2011-06-30 12:33
Quoting dicobalt:
Quoting B0GiE-uk-:
Is there a TDSS or TDL-4 detector available? Do the normal av programs pick it up?

I'd like to know to ensure my pc is clean.


Take out the hard drive and scan it with another computer.

The guy asked for assurance, not bad advice. While pulling the HDD and scanning from another machine will get most garden-variety malware, it won't do shit for well-written rootkits. If you don't know what the hell you're talking about, don't give advice. Remember, it is better to let people think you're an idiot than to use your keyboard and remove all doubt.....
 
 
-2 #10 dicobalt 2011-06-30 13:42
Quoting nECrO:
If you don't know what the hell you're talking about, don't give advice.


Ok then, turn off autorun if you are that paranoid, as it should be off already anyway for anyone that cares about security. I have connected many infected drives to my machines and never had any problems. I have never seen autorun info files show up on a hard drive though. Viruses reserve that for removable storage devices. Furthermore a rootkit will not get the chance to execute.
 
