It is estimated that over 50 million computers worldwide are part of botnets
Chapel Hill, NC (PRWEB) April 1, 2010
Most rational people would opt to drive a Humvee if they needed to cross a war zone, but the same people think nothing of surfing the internet superhighway through virtual battle zones with only their mouse for company. The internet respects no borders and can take the user into uncharted, dangerous territories infested with complex malware such as rootkits. No one is safe from these internet malware threats, and these virtual terrorists use multiple methods to piggyback on our existing infrastructure and bandwidth, invading our privacy and security in our own homes and offices without our knowledge.
Hundreds of cyberwarfare attacks on military systems and government infrastructures are reported daily, and most of them use botnets. A botnet is a network of infected computers, called zombies, which can be used for sending out spam, mounting denial-of-service attacks, stealing personal information, cyber terrorism, etc. Computer botnets are facilitated by rootkit infections. Spanish police recently arrested three ringleaders behind the Mariposa botnet that infected 12.7 million PCs, stealing credit card and banking information from half of the Fortune 1,000 companies and 40 major banks. The Mariposa botnet was one of the world's biggest, as it spread to more than 190 countries, and it appears to be more sophisticated than the botnet that was used to hack Google. It is estimated that over 50 million computers worldwide are part of botnets. The botnet owners rent these zombies out to criminal organizations for purposes such as sending out spam, collecting personal and commercial information, cyber espionage, cyber terrorism, etc. This is a very dangerous trend, and organized criminal syndicates are leasing vast numbers of zombies for criminal activities.
Hacker tools are becoming cheaper and easier to obtain, and rootkits allow hackers to bypass normal security controls and remain undetectable. Rootkits are used to infect zombies to create botnets. A rootkit will capture personal information while creating a back door into the system to alter files, processes, or tools to escape detection. As rootkits become more powerful, common, and difficult to detect, they can be widely used in combination with social malware techniques to attack a large number of computer systems in a relatively short period of time. Rootkits not only download updates to themselves, but also virus payloads that they install inside their encrypted folders to avoid detection by traditional security tools. Malware writers keep updating rootkits and their malicious attacking methods as anti-malware tools become able to detect them. The three most dangerous rootkits that were recently updated are Rustock, 4DW4R3, and TDL3. Safe rootkit removal is a very complex process, and only security companies that have the best cutting-edge technology are able to accomplish this. X-Wire Technology has released two powerful new tools to help individuals protect themselves against these hard-to-remove complex rootkit threats.
Tizer™ Rootkit Razor
X-Wire's newly released Tizer™ Rootkit Razor is able to detect the newly updated rootkits Rustock and 4DW4R3, as well as all other malicious rootkits, using multiple methodologies. This tool will scan files, registry keys, DLLs, processes, kernel API modifications, SSDT modifications, kernel object modifications, hidden ports, hidden drivers/services, etc. to help detect and safely remove rootkits. Rootkit Razor is fully compatible with 32-bit versions of Windows XP, Vista, and 7.
Tizer™ TDL3 Razor
TDL3 is a recently updated rootkit that is hard to detect and remove and that infects Windows XP machines. X-Wire has released a free utility called Tizer™ TDL3 Razor that will allow users to easily detect and remove this particular rootkit. Tizer™ TDL3 Razor allows users to remove TDL3 rootkit infections from Windows XP machines with Intel processors and hard disks that use atapi.sys or iaStor.sys drivers. The TDL3 rootkit is actually a botnet, and TDL3 Razor is currently the only tool that is able to remove the rootkit from machines with both of these hard disk drivers.
The third new tool, Tizer™ SysScan, will generate a detailed report of registry and file settings on a computer after scanning. It will display any misconfigurations that could have been caused by malware. The log file can be saved and uploaded to a forum for expert advice, or sent to the Tizer Secure™ support team for a free analysis. SysScan has a strong advantage over other tools, as it can display all hidden processes, modules, drivers, and registry entries.
In addition, Tizer™ UnLocker gives users complete control over any locked file or folder on a computer. Users can either right click on a locked file, or browse their system files, folders, or drives to detect anything that is locked. Unlike other similar products, UnLocker will enable users to kill or unlock multiple processes/files, as well as delete, rename, and move files. It also shows hidden modules.
The four new tools are all released free for personal use by X-Wire to provide individuals with powerful new tools to protect themselves. They are all available for download at http://www.TizerSecure.com, and all tools aside from TDL3 Razor are compatible with Windows XP, Vista, and 7 (32-bit). Since the TDL3 rootkit infects only Windows XP systems, TDL3 Razor should only be used on this operating system. Select features of these tools are also included in the full Tizer Secure™ security suite.
About X-Wire Technology
With offices in Chapel Hill, NC and Mumbai, India, X-Wire Technology provides outsourced IT security services to clients around the globe. As a Microsoft Certified Partner, X-Wire Technology specializes in product development and marketing with a focus on internet security. Visit http://www.TizerSecure.com or contact Shelley Koerber at 919.490.5971.