HITB GSEC Singapore (August 21st - 25th)
Register Online Now!
Botnet rentals reveal the darker side of the cloud
Cloud computing isn't just opening up new opportunities for legitimate organizations worldwide; it's also proving a potential boon for cybercriminals as it inexpensively and conveniently puts disposal powerful computing resources at their fingertips, which helps them quickly and anonymously do their dirty deeds.
Among the latest examples of this unfortunate trend comes via Kapersky Labs: The company has reported that the operators of TDSS, one of the world's largest, most sophisticated botnets, are renting out infected computers to would-be customers through the awmproxy.net storefront. Not only has TDSS developed a convenient Firefox add-on, it's accepting payment via PayPal, MasterCard, and Visa, as well as e-currency like WebMoney and Liberty Reserve.
Also known as TDL-4, the TDSS malware employs a rootkit to infect Windows-based systems, allowing outsiders to use affected machines to anonymously surf the Web, according to Kapersky researchers Sergey Golobanov and Igor Soumenkov. The malware also removes some 20 malicious programs from host PCs to sever communication with other bot families. (Evidently, botnet operators are becoming increasingly competitive with one another.)