Windows 10 News and info | Forum
Author Topic: A Sinister New Botnet Could Prove Nearly Impossible To Stop  (Read 157 times)
« on: April 11, 2020, 11:58:51 PM »

Security researchers have discovered an emerging threat that they fear could be nearly unstoppable. This growing botnet has already managed to enslave nearly 20,000 computers.

It is known as DDG, and it’s been lurking in the shadows for at least two years. DDG was first discovered in early 2018 by the network security experts at China-based Netlab 360.

Back then the nascent botnet had control of just over 4,000 so-called zombies and used them to mine the Monero cryptocurrency. Much has changed since then.

Today’s incarnation of DDG isn’t just five times larger. It’s also much more sophisticated.

One of its distinguishing features is its command and control system. Most botnets are designed around a client/server model. Infected machines listen for instructions from the servers and then carry out their orders.

DDG has a built-in Plan B, however: a proprietary peer-to-peer network.

If the zombies can’t contact the servers, they automatically switch over to P2P channels to keep the operation running — exchanging payloads and instructions as if nothing had happened. They even utilize a built-in proxy system to obfuscate their activities.

It’s a dastardly one-two punch, and one that Netlab 360 believes makes DDG “seemingly unstoppable.” Security professionals often disrupt botnets by wresting control of a domain name or an essential server away from the criminal operators. That won’t work against DDG.

Despite its sophistication, the DDG botnet has grown very slowly. Its spread is also fairly limited geographically, with 86% of infections occurring in China. It’s not in the same league as botnets like Conficker or Necurs, which hit tens of millions of computers.

Netlab 360 researchers think there’s a simple explanation for that. DDG’s creator is probably quite happy with things the way they are. Its zombie army can mine a fair bit of Monero without attracting a lot of attention.

By shedding a little light on DDG, Netlab 360 hopes that the cybersecurity community can figure out a way to slow or disrupt its operation before it evolves into something much more sinister.

