TDL botnet targets Windows PCs and is difficult to detect and shut down

The TDL botnet uses the rootkit approach, making removal difficult or impossible without resorting to a complete wipe of the hard drive.


See here for more details:

BBC News – Security researchers discover ‘indestructible’ botnet

The TDL botnet software is very sophisticated and constantly evolving. It targets Windows PCs and places code in the Master Boot Record (MBR) portion of the hard disk, so it is difficult to detect and remove. The malware uses the “rootkit” approach. This makes removal difficult or impossible without resorting to a complete wipe of the hard drive.
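A defender-side illustration of the MBR placement described above, added here and not taken from the BBC or Kaspersky material: it parses a 512-byte MBR sector and compares its boot code and partition table against a baseline recorded while the disk was known clean. The function names and sample sectors are constructed for this example, and the sector is assumed to have been read from offline media, since a rootkit on a running system can hide what is on disk.

```python
import hashlib
import struct

BOOT_CODE_LEN = 440      # bootstrap code; bytes 440-445 hold the disk signature
PART_TABLE_OFF = 446     # four 16-byte partition entries follow
BOOT_SIGNATURE = b"\x55\xaa"

def parse_mbr(sector: bytes) -> dict:
    """Split one 512-byte MBR sector into the fields worth monitoring."""
    if len(sector) != 512:
        raise ValueError("an MBR sector is exactly 512 bytes")
    partitions = []
    for i in range(4):
        entry = sector[PART_TABLE_OFF + 16 * i : PART_TABLE_OFF + 16 * (i + 1)]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # partition type 0 marks an unused slot
            partitions.append({"slot": i, "active": entry[0] == 0x80,
                               "type": entry[4], "lba_start": lba_start,
                               "sectors": count})
    return {"boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
            "partitions": partitions,
            "signature_ok": sector[510:] == BOOT_SIGNATURE}

def check_mbr(sector: bytes, baseline: dict) -> list:
    """Compare a sector against a baseline taken while the disk was known clean."""
    current, findings = parse_mbr(sector), []
    if not current["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if current["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("boot code changed")
    if current["partitions"] != baseline["partitions"]:
        findings.append("partition table changed")
    return findings

def make_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test sector: filler boot code plus one active partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        2048, 204800)
    body = boot_code.ljust(BOOT_CODE_LEN, b"\x00") + b"\x00" * 6 + entry
    return body + b"\x00" * 48 + BOOT_SIGNATURE

# Constructed samples: a "known clean" sector and one with altered boot code.
clean = make_sample_mbr(b"\x90" * 64)
modified = make_sample_mbr(b"\xeb\xfe" + b"\x90" * 62)

if __name__ == "__main__":
    baseline = parse_mbr(clean)
    print("clean:", check_mbr(clean, baseline))
    print("modified:", check_mbr(modified, baseline))
```
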

Kaspersky Labs estimates that approximately 4.5 million PCs have become infected in the last three months. The majority of those infected are in the US, as there is apparently a premium paid by the crooks for infecting US PCs. Interestingly, no Russian PCs were infected, presumably because no bounty is paid for infecting computers there.

 
