affiliate marketing

Tuesday, July 5, 2011

TDL 4, the Dangerous Fourth-Generation TDSS Botnet


The TDSS botnet has now reached its fourth generation, which is more dangerous than its predecessors. Malware that spreads widely through the Internet and through devices such as flash drives is no longer an application that appears once and then dies out. It regenerates, continually reappearing in new forms and variants that are more powerful and more sophisticated. TDL 4, the fourth generation of the TDSS botnet, is one of them.
Botnet infections are on the rise, attacking computers and computer networks and even causing losses for users. Commenting on the situation, Yudhi Kukuh, Technical Director of PT. Prosperita-ESET Indonesia, said that getting rid of TDSS/TDL, with all its traps for infecting 32-bit or 64-bit systems, or defeating botnets, is not an easy job.
TDSS, also known as TDSS/TDL or Win32/Olmarik, infects computers and then receives commands from a C&C server. Win32/Olmarik the next process. AVA zombies communicate with each other using the Kademlia DHT (distributed hash table) peer-to-peer protocol. When a PC is infected by a bot, it automatically becomes part of a network shared with other infected computers and a "Command & Control" (C&C) server, that is, a botnet, which has destructive properties.
A botnet tries to take control of a network of computers along with all the information they hold; the stolen information is then distributed to computers in the network. A botnet does not simply stop working: it keeps going even if only one computer remains while the other computers in the botnet are dead.
A botnet can be weakened by tracking down and shutting down some or all of the C&C servers that send information to the infected zombie computers and give them instructions to carry out. Once a server is shut down, the zombie computers connected to it can no longer send data or act on the botmaster's instructions.
By using the Kademlia protocol, the botmaster can get around this weakness of the C&C approach, relying instead on a peer approach in which every computer is treated as an equal, whether it is a C&C server or a zombie (an infected client).
"In addition, there is an easy way to banish the botnet from your network. The trick is to have the awareness to activate and periodically update the security system or computer network servers," added Yudhi.
