New ZeuS Botnet No Longer Needs Central Command Servers 137
c0mpliant writes "Researchers at Symantec have identified a new variant of the ZeuS botnet which no longer requires a Command and Control server. The new variant uses a P2P system, which means that each bot acts like a C&C server, but none of them really are. The effect of which is that takedowns of such a network will be extremely difficult because there is no one central source to attack."
Re:They still need a C&C (Score:4, Interesting)
I think it's worse than that. If it works with the scheme fasttrack (for example) uses, you'd need to get the people behind the computer to actually kill it. Even if they get the original machine, they can just switch places and keep going (since there is no single point of failure, from what I read).
Re:They still need a C&C (Score:5, Interesting)
But on the other hand, you still need to issue commands to the C&C. If you can figure out the communication protocol used to assign C&C powers to a node, then security researchers can easily toss-out the command to become a C&C to all nodes and then sink-hole it.
Further, I am not aware of any way to encrypt communications between the botnet's controllers and the botnet's nodes because every node will need to have the private key to decrypt incoming communications. So anyone can analyze a node and just pick out the private key, and then start issuing commands to it as though they were the operators. It just adds bulk to the botnet code, and doesn't prevent anyone from sink-holing it.
I think the real difficulty is simply containment. If the virus is designed to spread as rapidly as possible, then you need to spend a lot of time finding nodes and taking control of them to shut them down. I think the designers of ZueS are counting on that, and hope sheer numbers will be better than more precise control.
Re:*yawn* (Score:4, Interesting)
That depends entirely on whether you are living in the real world or in lala-land.
Minor parties are changing the system all the time. In my country, the existence of the green party has put issues of environmental protection, peace, critical re-evaluation of atomic power, etc. etc. onto the agenda of all the major parties. When they started getting a seizable share of the votes, the other parties realized they can't ignore these issues anymore.
The same is happening with the pirate party right now. The fact that they solidly beat out one of the old major parties in a recent election shocked all the old parties, and suddenly they are starting to listen. ACTA was stopped in my country by a minister of the very party that lost its seats in that regional parliament to the pirate party. She's one of the smarter politicians, and she's understood that listening to the people is the only ticket her party has for survival.
Sure, it is much slower and nuanced change than a revolution, but it also has a lot less death and destruction.
And yes, I agree that "honest politician" is something you see once in a million.
But unless you have a realistic, proven proposal for a better system, all the rhetorics is just bullshit, anger expressed in words, but ultimately not constructive.
Because the first step in changing reality is accepting the current reality for what it is.