Eavesdropping on a Botnet

wild3rbeast writes "Joe Stewart, a senior security researcher with LURHQ's Threat Intelligence Group has figured out a way to silently spy on a botnet's command-and-control infrastructure, and finds that for-profit crackers are clearly winning the cat-and-mouse game against entrenched anti-virus providers. From the article: 'The lesson here is once you get infected, you are completely under the control of the botmaster. He can put whatever he wants on your machine, and there's no way to be 100 percent sure that the machine is clean. The only way to be [completely] sure the system is malware-free is to completely wipe the hard drive and reinstall the operating system.'"

Next opportunity

[QuantumFTL]

Perhaps the next opportunity for profit in this game is to hack other people's botnets to bend to your own purposes? Probably a lot less risky than hacking thousands of potentially litigous members of the public. Secure encryption would stop most of this, however the master endpoint computer would still have some vulnerability.

Re:malware-free system?

[JamesTRexx]

Sort of like my first reaction, "The only way to be sure is to run something that is not Windows".

Until someone creates something that can infect the various *nixes that is.

Re:It's a bird. It's a plane. It's TC!

[l33t+gambler]

Trusted Computing to the rescue!

Absolutely! Trusted Computing is made to protect consumers from potential threats, but will it let consumers decide what is trustworthy? I recently discovered I had a UAService7.exe running in my Task Manager. After a search I found it is a SecuROM service, and lo and behold theres a service with that name in Services.

I can't remember being asked by a game or application to install such a service, and I don't know how to remove it as there's no reference to it in either Start Menu or Add/Remove Programs.

http://jooh.no/root/torrents/trusted-computing.tor rent