All the latest UK technology news, reviews and analysis
|
|
|
03 May 2006
A new worm has been detected that is far more advanced than most malware picked up to date by investigators.
W32.Nugache.A spreads via email and IM channels but also includes a novel peer-to-peer element.
Once a PC is infected it keeps in contact with the controller and other infected machines via a peer-to-peer network using TCP port 8 rather than relying on IRC.
"We picked this up on honeynets over the weekend, and it's an interesting
one," said Mark Murtagh, technical services director at internet monitoring firm
Websense.
"It's rather like Kazaa. If one node is shut down by the PC being cleaned it
forms a peer-to-peer network with the next available PC."
This is not the first time such technology has been used. The Linux worm Slapper used a similar technique in 2002.
In terms of controlling and building a botnet this technique makes it a lot harder to shut down networks, as well as making it harder for intrusion prevention systems to identify infections.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
C#, WPF, Silverlight, UI Development, Software Engineers...
Candidate required who is used to working in a client...
Build Change Release Manager / Build Change Manager...
IT Service Desk Manager / Liverpool / Up to £60,000...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?