TDL-4 creates 4.5 million PC ‘indestructible’ botnet

According to Kaspersky Lab, a new TDSS rootkit variant called TDL-4 has infected more than 4.5 million PCs worldwide in just the first three months of 2011. The security experts say that this sneaky malware is one of the most technologically sophisticated threats to date. Because of upgrades from the previous TDL-3 incarnation, this new TDL-4 has the ability to create a botnet that is practically ‘indestructible’.

TDL-4 is a bootkit: it infects the master boot record of a PC, which allows the code to run before the computer’s operating system starts up. This makes the malware, along with the programs it downloads, invisible to the operating system as well as to any antivirus programs.

But this isn’t new for TDSS. What makes this version a silent killer is an upgrade in encryption and the decentralization of the botnet. The new encryption algorithm used to network the control center with computer zombies keeps the botnet from being detected by traffic analysis and keeps other cyber criminals at bay.

The way the decentralization works is probably most important. Unlike the Coreflood botnet, recently hit hard by the FBI, TDL-4 doesn’t necessarily have command-and-control servers that will incapacitate the malware when seized. The cyber criminals use the publicly accessible Kad P2P network as a second way to send commands to infected PCs. If the servers are taken out, the botnet keeps on going via a custom Kad client. Like the T1000, it just reforms and keeps on doing its evil duties.

To top off that display of durability, TDL-4 has 64-bit support and its own antivirus. The antivirus allows the rootkit to eliminate threats that would draw attention to its presence. The first TDSS rootkit made an appearance in 2008 and is said to be more widespread than the well-known Rustock. The creators have been perfecting the malware since then, and Kaspersky’s Sergey Golovanov says, “we have reason to believe that TDSS will continue to evolve.”

Jeff Hughes
Former Digital Trends Contributor
I'm a SF Bay Area-based writer/ninja that loves anything geek, tech, comic, social media or gaming-related.