P2P Botnets Keep Growing

Thursday, June 6, 2013 @ 04:06 PM gHale


With the takedown of a banking botnet by a team of investigators from Microsoft, the FBI and other key players, it is becoming clear that the popularity of botnets is on the rise.

Throw a peer-to-peer botnet on top of that and it just shows how resilient they can be, able to keep on chugging along.

Botnets such as ZeroAccess, TDL4/TDSS and Zeus v3 have shown the way for peer-to-peer botnet builders, either as a primary means of communication between hackers and bots, or as a fallback in case centralized communication ends up disrupted or permanently terminated.

To show the growth in P2P bots, researchers at Damballa said there has been a five-fold increase in the number of malware samples spread via peer-to-peer during the past 12 months.

ZeroAccess is one of the biggest offenders as it is a strong malware family with rootkit capabilities that can fold into a number of exploit kits, including Blackhole.

“It’s been put into some toolkits, so it’s spread out among different implementations,” said Damballa senior research scientist John Jerrim. “You don’t have to write your own [botnet]. It’s available to buy and use; it’s big business in terms of building botnets.”

The main focus of botnets continues to be spreading spam, but other capabilities are now coming into play, including denial of service attacks, bank fraud, click-fraud campaigns and more. While centralized botnets are simple to disrupt, taking down a peer-to-peer botnet is much more difficult.
