Google Groups Used To Control Botnets 63
oDDmON oUT writes "'Maintaining a reliable command and control (C&C) structure is a priority for back door Trojan writers. ... Symantec has observed an interesting variation on this concept in the wild. A back door Trojan that we are calling Trojan.Grups has been using the Google Groups newsgroups to distribute commands,' writes Symantec employee Gavin O Gorman. He goes on to state that 'the Trojan itself is quite simple. It is distributed as a DLL,' and while the decrypted commands indicate it is used 'for reconnaissance and targeted attacks,' he does go on record as saying, 'It's worth noting that Google Groups is not at fault here; rather, it is a neutral party. The authors of this threat have chosen Google Groups simply for its bevy of features and versatility.'"
Re:Google Groups is just a way to Usenet (Score:5, Informative)
It's true Google Groups can be used to view Usenet groups, but you can also create groups that are completely independent of Usenet with it. That seems to be the case here.
Just Google it (Score:3, Informative)
We used to say "Engage brain before opening mouth" but nowadays the equivalent is "Check Google (or equivalent) before posting". P2P botnets have been around for a long time, and the recent Conficker worm uses P2P technology in quite an advanced way [wikipedia.org].