New Iteration of TDSS/TDL-4 Botnet Uses Domain Fluxing to Avoid Detection
A new version of the TDSS/TDL-4 botnet is rapidly growing, primarily because it’s having great success using an evasion technique known as a domain generation algorithm (DGA) to avoid detection, researchers at Damballa Security revealed today. The algorithm helps the latest version of the botnet carry out click-fraud campaigns. It is used primarily to rapidly move communication between victims and command-and-control servers from domain to domain, a technique known as domain fluxing, which is similar to fast fluxing.