Around half a million computers have been affected by a botnet named TDL-4, recently discovered by Kaspersky Labs. TDL-4 is the fourth generation of a botnet that was initially found in 2008. TDL-4 is believed to be more malicious than its previous versions and might not be easily destructible.
Kaspersky stated on Securelist.com that “The malware detected by Kaspersky Anti-Virus as TDSS is the most sophisticated threat today. TDSS uses a range of methods to evade signature, heuristic, and proactive detection, and uses encryption to facilitate communication between its bots and the botnet command and control center.”
The latest version of TDL is believed to be very destructive and might affect computers severely. Securelist says that this “allows it to conceal the presence of any other types of malware in the system.”
TDL-4 directly attacks the computer’s master boot record and deletes all other malicious software and files from the computer. This helps the botnet penetrate deeper into the computer and ensures that it is not removed.
A botnet is spread with the help of a group of infected computers that can be remotely controlled by cybercriminals. Once a computer is attacked, all the data is stolen from it, and the same computer is used to spread malicious and infected files and viruses to other computers.
In April, the Federal Bureau of Investigation (FBI) got permission from a federal judge to cut the roots of a botnet named Coreflood. The botnet, which has caused damage to around 2 million computers, is said to have existed for almost 10 years. Although no accurate figures are available for the losses caused by this botnet, according to a few analysts the amount of money stolen through its use is no less than hundreds of thousands of dollars.