According to "Botnet that enslaved 770,000 PCs worldwide comes crashing down", this "Simda" botnet was very stealthy, because it "morphed into a new, undetectable form every few hours, allowing it to stay one step ahead of many antivirus programs.".
Well, polymorphic viruses are nasty little beasts, so I suppose it's great that they did manage to finally control this. We can all breathe a little easier and sleep more soundly thanks to the truly brilliant efforts of A/V researchers.
But hold on a minute. According to that article:
What? You mean that A/V software never looks at hosts files and never bothers to check its entries against a presumably safe DNS server? For real? Such a basic and obvious check is not done?
Wow. That's disturbing.
If you found something useful today, please consider a small donation.
Got something to add? Send me email.
More Articles by Anthony Lawrence © 2015-04-15 Anthony Lawrence