Eavesdropping on Bots Preparing to Attack

When Joe Stewart spotted a variant of the Mocbot Trojan hijacking unpatched Windows machines for use in IRC controlled botnets, he immediately went to work trying to pinpoint the motive for the attacks.

Stewart, a senior security researcher with LURHQ's Threat Intelligence Group, set up a way to silently spy on the botnet's command-and-control infrastructure, and his findings suggest that for-profit spammers are clearly winning the cat-and-mouse game against entrenched anti-virus providers. Eavesdropping on Bots Preparing to Attack

Linked by shanmuga Saturday, 19th August 2006 7:29AM