Just 'hanging out?
Proceed with caution
The botnet uses proprietary software written from scratch to infect servers and corral them into a peer-to-peer network, researchers from security firm Guardicore Labs reported on Wednesday.
Peer-to-peer (P2P) botnets distribute their administration among many infected nodes rather than relying on a control server to send commands and receive pilfered data. With no centralized server, the botnets are generally harder to spot and more difficult to shut down.
__________________________________________________________________________
A New Botnet Is Covertly Targeting Millions of Servers
FritzFrog has been used to try and infiltrate government agencies, banks, telecom companies, and universities across the US and Europe
_________________________________________________________________________
ARS TECHNICA
Dan Goodin, Ars Technica
This story originally appeared on Ars Technica, a trusted source for technology news, tech policy analysis, reviews, and more. Ars is owned by WIRED's parent company, Condé Nast.
__________________________________________________________________________
Researchers have found what they believe is a previously undiscovered botnet that uses unusually advanced measures to covertly target millions of servers around the world...
The botnet, which Guardicore Labs researchers have named FritzFrog, has a host of other advanced features, including:
- In-memory payloads that never touch the disks of infected servers
- At least 20 versions of the software binary since January
- A sole focus on infecting secure shell, or SSH, servers that network administrators use to manage machines
- The ability to backdoor infected servers
- A list of login credential combinations used to suss out weak login passwords that’s more “extensive” than those in previously seen botnets