March 04, 2013

Using new tactics, Asprox botnet goes unnoticed

Researchers have found that attackers behind the Asprox botnet have never retreated, instead continuing their spam and malware bombardments with a new set of tactics.

According to a research paper on the Asprox botnet recently released by Trend Micro, compromised machines now are instructed to scan legitimate websites for vulnerabilities so malware can be distributed on them. In addition to spreading malware through phishing emails, the botnet – first detected in 2007 and which has morphed over the years – also skirts detection by using RC4 encryption and legitimate email accounts to spam other users.

This time around, Asprox botnet attackers are also using spam templates in various languages to widen their impact worldwide. In 2008, the Asprox botnet used SQL injection attacks to infect more than 2,000 sites.

Related Articles
Related Topics

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.