Bugtraq mailing list archives
Re: current leading bots used in drone armies [June/July 2004]
From: Jan Knutar <jknutar () nic fi>
Date: Sun, 11 Jul 2004 21:10:21 +0300
<snip and reordered>
Over-time, a drone army can reach hundreds of thousands of infected drones in size, and new armies/drone are created daily. There are a lot more than just a few drone armies out there, and the Trojan horses used change constantly.
<snip and reorder>
Trojan horses used in drone armies and Trojan horses installed on "lonely" infected machines far outnumber the amounts of infected users from _most_ worms.
<snip & reorder>
It's always funny to me how some in the AV industry would at times hype new worms or new barely different variations of worms, in the media, while ignoring drone armies almost completely.
What disturbs me, is the impression I get from the AV industry, of them not caring at all about even attempting to detect trojans/drones. At most a checksum based check is added if someone reports on particular trojan, which isn't really useful at all. From a purely practical point of view, it would seem to me that attaching trojan/drone protection to AV software functionality would be the most effective way of getting users secured against this, as we all know, trying to educate the great masses is nearly impossible at best. These vast amount of drone armies have been a problem for some people for years now, but it is only now that they start to be used for Spam, instead of the "armies" fighting against eachother with some ocasional ISP knocked offline in collateral damage for a few hours, that people seem to wake up and realize this is perhaps a problem that shouldn't just be categorized and filed away under "Internet ghetto activity we do not need to worry about". Gadi, I wish you luck in making much more "weird noises"!
Current thread:
- current leading bots used in drone armies [June/July 2004] Gadi Evron (Jul 10)
- Re: current leading bots used in drone armies [June/July 2004] Jan Knutar (Jul 15)