Anti-virus outfit Kaspersky has described an ‘indestructible’ botnet built with a malware kit that its security researchers said was the most sophisticated threat today.
A new version of the malware, called TDL-4, is sold to cyber criminals via complex affiliate networks and now incorporates an encrypted protocol to communicate with its control servers. This allows the botnet to evade traffic analysis and to block attempts to gain control of it.
Kaspersky said that nearly a third of the 4.5 million infected PCs were in the US. Based on the pricing of the affiliate programs, the going rate for access to a botnet of that size is $250,000, they said.
Kaspersky’s detailed description of TDL-4 painted a picture of a sophisticated, professionally developed system that uses exploits from Stuxnet, hides within P2P networks to avoid interception and detection, and bundles its own ‘antivirus’ system to remove rival malware.
Another new feature is the addition of 64-bit support so that the malware is able to affect the increasingly popular 64-bit versions of Windows.