Today in cyber threats: more than four million Windows PCs have been commandeered by a botnet that cybersecurity experts are calling nearly “indestructible.” Known as TDL-4 (it’s the fourth iteration of the malicious program), this particular little nuisance hides in places security software rarely checks and speaks with other infected machines and their overseers in a novel encrypted code. Some are calling it the most sophisticated threat out there today. Watch your back, Stuxnet.
For the unfamiliar: botnets are networks of computers that have been infiltrated by a malicious program that allows the machines to be manipulated remotely by the program’s owner, often in concert to carry out cyber attacks or to do large-scale spamming. Security firms around the world have been cracking down on botnets lately, and their success has been fairly remarkable.
But in eradicating a lot of simpler botnets, security experts may have tipped their hands. TDL-4 hides in places other botnets generally don’t, deep within systems where most virus scanning software doesn’t look. And it communicates in ways that are new to most cyber-cops, talking in what appears to be a novel encryption scheme conjured by TDL’s overseers.