‘Indestructible’ Zombie PC Botnet Borrows Exploit From Israeli, U.S. Cyberweapon
Four and a half million PCs, many of them in the U.S., are infected with what security researchers at internet security specialists Kaspersky Lab describe as an “indestructible” form of malware. They are doing everything from taking down websites with Ddos attacks to acting as a conduit for up to 30 other pieces of malware.
This malware, known as TDL4, deploys a number of clever tricks to guarantee its own survival, including one borrowed straight from the world’s most sophisticated cyberweapon, Stuxnet.
Stuxnet was almost certainly a joint U.S. / Israeli creation aimed at damaging the Iranian nuclear weapons program, which it did, by destroying a thousand centrifuges used for uranium enrichment.
The thing about computer viruses is that in one important respect they are exactly like their biological equivalents: through lateral gene transfer (or coders copying one another’s best ideas) enhancements to viruses’ tenacity or lethality can rapidly spread through a population of infectious agents.
And so it is with Stuxnet – one of the vulnerabilities that it exploits was previously unknown. Then those exploits went public and – surprise! – now one of them is in TDL4. Of course, once the vulnerability was known, Microsoft has a chance to patch it; plenty of machines remain un-updated, however, allowing TDL4 to exploit this vulnerability.
The thing about cyberweapons is that, unlike, say, the atom bomb, which has taken decades to propagate across the globe, as soon as a piece of malware is uncovered, its code can be deconstructed and the community of of black-hat hackers who would use it for their own purposes can immediately absorb its lessons.
In this way, cyberweapons lend themselves to a unique kind of ultra-rapid proliferation. Once the genie is out of the bottle, everyone who isn’t up to date with the latest patches is vulnerable.
Keep Reading
Most Popular
Large language models can do jaw-dropping things. But nobody knows exactly why.
And that's a problem. Figuring it out is one of the biggest scientific puzzles of our time and a crucial step towards controlling more powerful future models.
The problem with plug-in hybrids? Their drivers.
Plug-in hybrids are often sold as a transition to EVs, but new data from Europe shows we’re still underestimating the emissions they produce.
Google DeepMind’s new generative model makes Super Mario–like games from scratch
Genie learns how to control games by watching hours and hours of video. It could help train next-gen robots too.
How scientists traced a mysterious covid case back to six toilets
When wastewater surveillance turns into a hunt for a single infected individual, the ethics get tricky.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.