A new “Trojan horse” program called Phatbot is spreading across Windows computers connected to the Internet, employing a range of nefarious tactics including some borrowed from the world of peer-to-peer file-sharing systems such as Kazaa and the original Napster. According to the Washington Post, which broke the story on March 17, Phatbot can create invisible networks of up to 50 infected machines. This gives the hackers who wrote the program a highly efficient way to issue orders to the machines, in essence recruiting them into an underground hacker army. For example, the networks could be used to launch massive spam or denial-of-service attacks.
The resilient nature of peer-to-peer networks – if one node is removed, communications will simply flow around it – means that security officials will have a very hard time slowing Phatbot’s spread, short of tracking down every single infected machine. Just as alarming, the malicious program can evade and shut down many popular anti-virus programs. But the Post links to several sites where anti-Phatbot programs can be downloaded.