Very cleverly, TDL-4 actually removes approximately 20 common malware programs - such as Gbot and ZeuS - to avoid drawing unwanted attention to a victim computer when legitimately installed antivirus software detects these common malware programs on the computer! Communications are concealed using proprietary encryption that is tunneled within SSL. Persistence is achieved through installation of a bootkit that infects the Master Boot Record (MBR) of the victim machine, and more than 20 additional malware programs, including fake antivirus programs, adware, and a spamming bot.

*Derived from analysis by Kaspersky Labs

Figure 2-5: TDL-4 - the “indestructible” botnet. (Figure panel "Programs Used": malicious apps, fake AV, spam, adware, etc.)