Botnets are becoming more prevalent as malware technology becomes more sophisticated. One of the more diabolical pieces of malware, which hit the scene back in 2008, is called Mebroot. Mebroot is a rootkit that replaces a machine's master boot record, allowing it to install even before the machine's operating system does, which effectively protects it from desktop protection software. Mebroot alone is rather benign in that it does not contain any specific applications, but it becomes a platform for other malware. The most prevalent of these is Torpig, a massive botnet.
Torpig contains multiple information-stealing pieces of malware that scan the infected system for credentials, accounts and passwords, and that potentially allow attackers full access to the computer. It is also purportedly capable of modifying data on the computer. In 2009 a team of researchers was able to take control of the botnet for a period of ten days. During that period, they extracted over 70GB of stolen data.
As these malware variants continue to morph, the challenge for an organization becomes how to detect machines that have been compromised so that remediation can take place as soon as possible. Trend Micro has a Threat Management System that can passively detect malware, worms, viruses, trojans and other undesirable network activity. For more information on this solution, go to http://www.adcapnet.com/partners/trend-micro/
Author: Mike Lundy
Posted at Geeknick
Tagged with: botnet • malware • mebroot • root kit • torpig • virus • worms
Filed under: Network Security