Spammers building more resilient botnets

Posted on Friday, December 11 2009 @ 4:46 CET by Thomas De Maesschalck
Security firm MessageLabs reports cybercriminals have responded to the takedown of several major botnets by creating more ruggedised botnets that are less vulnerable to disruption.
The shutdown of botnet-hosting ISPs - such as McColo in late 2008 and Real Host in August 2009 - has forced hackers to re-engineer botnets so that the reins of the command and control system can be picked up within hours, instead of the weeks of confusion that followed the McColo shutdown.

Paul Wood, MessageLabs Intelligence senior analyst at Symantec, explained: "Hackers have re-engineered malware to make it less vulnerable to disruption. Trojans used to be hard coded with an IP address but now they use domain name rotate using fast flux to calculate next domain or P2P techniques. As a result command and control channels are now more resilient."
More info at The Register.

