Asprox botnet rears its ugly head
By Clement James on May 22, 2008 7:53AM
A new botnet which specialises in sending out phishing spam has prompted security experts to call for enterprises to review their security protection.
The Asprox botnet uses a SQL-injection attack tool to hack websites and add yet more hijacked PCs to its army.
"Asprox is more than just another piece of botnet malware as it's what we call a 'hybrid'," said David Hobson, managing director of Global Secure Systems.
"It uses an SQL-injection attack tool that attacks legitimate websites to add to the overall botnet swarm."
Hobson explained that, while botnets and SQL injection attacks are nothing new, a malware infection that combines the two "darkware" vectors highlights the growing ingenuity of the hacker community.
"Most botnets are perpetrated these days by criminal gangs who are after your company's money. And if they can't get your money, they'll use your computers to damage your reputation. It's a simple as that," he said.
The rapid evolution of multi-vector malware like Asprox means that companies should now look seriously at multi-vendor and/or multi-layered IT security protection, according to Global Secure Systems.
"The days when firms could install a single security system on their IT resources are long gone," said Hobson.
"Companies need to review their IT security system on a regular basis and talk to their reseller about enhancing their systems to deal with the latest threats."