New Botnet Is "Practically Indestructible"

vxicepickxv

Slayer of Bothan Spies
Sep 28, 2008
Wow, this is probably as close to computer herpes as we'll ever see.

shadebreeze said:
Furthermore, there isn't much you can actually do from the code in the MBR, because to do anything useful these days you need functionality that requires a running OS. Say the botnet is used to send spam - it must use the network drivers and the TCP/IP stack, so it has to go through Windows and its drivers. It might be hard to remove it, but the symptoms could be detectable. I am confident antivirus companies will find a way to detect it and deal with it sooner or later (maybe by just silently blocking it).
That does sound like the fastest and easiest solution. It's probably the most effective for prevention. In terms of removing it, I would imagine it would be easier to do that with a startup program on a disc or thumb drive.

This net isn't limited to infection in Windows. It might not do anything outside of the Windows OS, but it can still infect other computers.

Next week, bios virus.
 

let's rock

New member
Jun 15, 2011
InterAirplay said:
let said:
You do know that there are ways to modify your boot record, right? If you are really good at software, you can go into your boot with a master boot boot cd, highlight it, and click delete. Nothing is indestructible, look at the Titanic and Death Star. As long as it doesn't start singing "Daisy Bell" I have no concern. Also, try being careful on the internet so it can't install in the first place :)
Wouldn't a zero wipe of the Hard Drive also do the trick?
I'm not sure. Sledge hammers, fire, shotguns, etc. are the only way to permanently delete data, so the virus may be capable of replicating itself after a zero wipe, which would also get rid of all of your data on your computer.
 

shadebreeze

New member
Mar 12, 2008
vxicepickxv said:
shadebreeze said:
Furthermore, there isn't much you can actually do from the code in the MBR, because to do anything useful these days you need functionality that requires a running OS. Say the botnet is used to send spam - it must use the network drivers and the TCP/IP stack, so it has to go through Windows and its drivers. It might be hard to remove it, but the symptoms could be detectable. I am confident antivirus companies will find a way to detect it and deal with it sooner or later (maybe by just silently blocking it).
That does sound like the fastest and easiest solution. It's probably the most effective for prevention. In terms of removing it, I would imagine it would be easier to do that with a startup program on a disc or thumb drive.
You are right, that's probably the solution. Antivirus companies often release "removal kits", little programs whose only purpose is to remove one specific malware. You run them and they do their job.
The only difference in this case would be that there is an additional step where you have to burn a CD with the removal kit on it (so you can boot from CD and run it before the hard disk is touched in any way).
 

strobe

New member
Jun 3, 2010
Sylocat said:
And we take another step closer to the world of the Rifters Trilogy.

Seriously, how long before someone decides to program some "gene" codes into these bugs (which they're already doing in labs), and sets them loose? I'd be surprised if the entire system doesn't evolve into mass sentience before too long.
You'd better prepare yourself to start being surprised, at a time less than too long a time away, and arrange to stay that way for a very long time. Basically, I disagree with your last sentence... But then, odds are, you and certainly I do not have much experience of the genetic algorithm field so we're not the best people to have a researchless argument about this.

OT: I'm not scared at all. In fact, this seems like it'd be a pretty good virus to have as it takes down others. Hell of a lot better than that Antivirus 2010 cack.
 

II2

New member
Mar 13, 2010
ACman said:
bjj hero said:
Do people really have nothing better to do with their time than come up with this kind of shit?

Look outside... There is daylight, there are girls too, nice things to eat and drink, fun things to explore and do. Much better than sitting in your cave and coming up with better ways to spoil someone else's computer.
I don't think these are hobbyists. This seems more professional criminal than that.
True enough. While there are anarchic bedroom programmers indulging a tech-amplified mean streak, most of the people writing such complicated malware are looking for a financial return on their investment of time. Computer crime is just one more way of life in areas of the world where corruption is institutionalized.

The majority of the worst viruses, worms, trojans and malware in the last 20 years have been traced back to Eastern European and Asian regions.
 

dead.juice

New member
Jul 1, 2011
Well now I know what's wrong with my desktop PC. I had something in my boot, it kept crashing my PC, and now my PC boot drive is corrupt. Is there any way to get rid of it?
 

Quaxar

New member
Sep 21, 2009
That sure is some clever piece of botnet. Though I don't really see the big thing... if it gets rid of other malware for me and all it does is use my PC to send spam then I'd be more than happy to offer them a shell account in trade for PC safety!

Not really... but you get the point.
DarkTenka said:
Am I missing something here?

Master Boot Record Viruses have existed since Windows 98, that's nothing new. While a standard reformat wouldn't "kill it" .. you can reformat the Master Boot Record separately (and independently) from the rest of the data .. it's pretty easy to do with your Windows Install CD.

So what part of this so called "BotNet" makes it so "practically indestructible"?
Well, look at the average user.
 

UnusualStranger

Keep a hat handy
Jan 23, 2010
Uber Waddles said:
Well, color me purple and slap me in the face with a feather duster.

... and by that I mean wow, that is total dicks right there. I have to wonder what's the point of it? I mean, more than likely, one of the major anti-virus companies is gonna find a way to get rid of it. And it's not really doing anything nefarious, other than spamming people about a Prince in Zimbabwe, and dicking with other people who are just dicks.

This kinda sounds like something a 13 year old would do for fun, just troll and annoy as many people as humanly possible without causing any real, substantial damage.

I don't think you understand how a botnet properly works, so let me give you a total crash course.

A botnet is a collection of computers that remotely report to a particular set of higher up computers usually. These would best be called "Leaders". Now, these Leaders can inform these "Bots" to do all sorts of things. For example, if I have a 4.5 million computer botnet, that means that I could instruct all of those computers to send false requests to one particular entity's servers (For the sake of example, let's say the Escapist).

Now, you might perhaps be wondering "So? The Escapist gets users all the time. More than 4.5 Million easily." While that might be true, the Escapist servers are not likely to have all 4.5 million requests at once. Also, they likely won't be repeated requests. This means, that if I had singular control of said virus and botnet, I would be able to successfully bring a site to its knees if I so much as point in the direction of where they should send all their requests. And the thing about botnets is if done correctly you won't be able to ever find the owner, as there are 4.5 million computers all with their own IP addresses and people using them that could possibly be the source.

And that, in a nutshell, is why these are not just "Simply nerds/hackers screwing around." These are legitimate, and fascinating, ways that the online community can spend its time, for both good and evil.

DarkTenka said:
Am I missing something here?

Master Boot Record Viruses have existed since Windows 98, that's nothing new. While a standard reformat wouldn't "kill it" .. you can reformat the Master Boot Record separately (and independently) from the rest of the data .. it's pretty easy to do with your Windows Install CD.

So what part of this so called "BotNet" makes it so "practically indestructible"?
While the article doesn't seem to touch on it much, I think it instead means that it installs itself to the motherboard, which then runs its own diagnostics away from Windows altogether. That means that attempting to use the Windows Install CD would be useless, because the program would just reestablish itself when the computer first starts up, before Windows even has a say in what is going on.
 
Feb 28, 2008
Fortunately, something equally ingenious will come along and wipe it out. Especially if there becomes money to be made from it. That's how the world works - nothing stays "indestructible" for very long...
 

Veloxe

New member
Oct 5, 2010
That's pretty clever of them! Obviously if you are good with computers you can still kill it fairly easily. However then I remembered most people can't turn on the computer without breaking it somehow so it will probably live long and do a lot. The idea that it kills off other malware so you don't notice anything is wrong with the performance is brilliant.
 

weirdee

Swamp Weather Balloon Gas
Apr 11, 2011
Considering how many existing (and POPULAR) anti-badstuff software will jack your system resources without actually effectively or even at all protecting you from the really awful crap, I almost have no issue with something that hides in my system, takes all the other annoying stuff out, and covertly borrows less CPU power than commercial programs without making me a complicit accessory.
 

insanelich

Reportable Offender
Sep 3, 2008
Earnest Cavalli said:
This also means that formatting your computer, a process that restores every Windows component to its most basic state, has no effect on Top Bot.
Yeah. This isn't quite true.
 

icame

New member
Aug 4, 2010
Shared through P2P programs eh? Good thing I don't pirate things then. (Yes I am aware not all use of P2P is for piracy. Just most of it.)
 

Feralcentaur

New member
Mar 6, 2010
You Humans are being ridiculous. There is absolutely no Botnet of such a sort, you're all just being paranoid.
If you want me to explain to you how silly and paranoid you're all being, just give me your E-mail address so I can give you a text file to download that will explain the entire thing...
 

NLS

Norwegian Llama Stylist
Jan 7, 2010
bjj hero said:
Do people really have nothing better to do with their time than come up with this kind of shit?

Look outside... There is daylight, there are girls too, nice things to eat and drink, fun things to explore and do. Much better than sitting in your cave and coming up with better ways to spoil someone else's computer.
These aren't your usual anon guys.
They do this for a living.
 
Mar 29, 2008
So, am I missing something, or did most of you just buy into the ignorant fear mongering? I don't see how this thing is so amazing/creative/new, the article would have you believe that this thing is incomprehensible, but the author also doesn't know the difference between a system restore and a format.

In the future, when you read an article about something you don't understand and it makes you start worrying, making comments on the internet about skynet, the borg, or even just how computers are getting so advanced it's dangerous, etc. just stop reading the article, forget you read it, and move on with your day. Because chances are that article was written by a technophobic f-tard who doesn't know what they are talking about, or by an exploitative asshole who knows what they are talking about, but also knows that fear mongering to people who don't gets readers.
 

Sylocat

Sci-Fi & Shakespeare
Nov 13, 2007
strobe said:
But then, odds are, you and certainly I do not have much experience of the genetic algorithm field so we're not the best people to have a researchless argument about this.
Researchless, huh?

http://www.ncbi.nlm.nih.gov/pmc/articles/PMC1560214/

This stuff isn't difficult to find. You can even download some programs [http://www.spiderland.org/breve/] that allow you to play with it yourself. Please don't make assumptions about what I am or am not qualified to discuss.

As for my last sentence, yes it was hyperbolic, but it's also true that simple systems in aggregate can act as diffuse neural nets.