Using new tactics, Asprox botnet goes unnoticed

Researchers have found that attackers behind the Asprox botnet have never retreated, instead continuing their spam and malware bombardments with a new set of tactics.

According to a research paper on the Asprox botnet recently released by Trend Micro, compromised machines are now instructed to scan legitimate websites for vulnerabilities so that malware can be distributed on them. In addition to spreading malware through phishing emails, the botnet, which was first detected in 2007 and has morphed over the years, also skirts detection by using RC4 encryption and legitimate email accounts to spam other users.

This time around, Asprox botnet attackers are also using spam templates in various languages to widen their impact worldwide. In 2008, the Asprox botnet used SQL injection attacks to infect more than 2,000 sites.
