New P2P botnet infects SSH servers all over the world

by
Dan Goodin
from Ars Technica - All content on (#572YE)
botnet5-800x450.jpg

Enlarge (credit: Aurich Lawson)

Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world.

The botnet uses proprietary software written from scratch to infect servers and corral them into a peer-to-peer network, researchers from security firm Guardicore Labs reported on Wednesday. P2P botnets distribute their administration among many infected nodes rather than relying on a control server to send commands and receive pilfered data. With no centralized server, the botnets are generally harder to spot and more difficult to shut down.

What was intriguing about this campaign was that, at first sight, there was no apparent command and control (CNC) server being connected to," Guardicore Labs researcher Ophir Harpaz wrote. It was shortly after the beginning of the research when we understood no CNC existed in the first place."

Read 9 remaining paragraphs | Comments

index?i=jcI6uHrJP5k:0rURlS6o8Hg:V_sGLiPB index?i=jcI6uHrJP5k:0rURlS6o8Hg:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments