New TDL Malware Releases

Friday, May 3, 2013 @ 03:05 PM gHale


There are new variants of the TDL malware out there whose goal is to infect the master boot record (MBR) of computers.

One difference between these and older TDL versions is that the new samples use file names made up entirely of digits, said researchers at Bitdefender Labs. Previous variants used more intuitive file names, such as ldr16/ldr32/ldr64/mbr.

The configuration file is much the same as the old one, except that the new one contains almost no readable strings.

“Unfortunately, the TDL bootkit family remains relatively unknown in the wider IT security community, as the low detection rates from other major antivirus companies prove,” Bitdefender researchers said in a blog post.
http://labs.bitdefender.com/2013/04/new-tdl-clones-in-the-wild/

The company has updated its rootkit remover to ensure it can detect and remove the latest TDL versions.

Indeed, when it comes to malware protection, it seems 58.2 million American adults have at least one malware infection that affected their home PC’s performance in the past year, a new report said.

On top of that, the cost of repairing the damage from those infections came in at nearly $4 billion, according to the Consumer Reports Annual State of the Net Report.


