Hi all,
Has anyone else seen this article?
4 million strong Alureon P2P botnet "practically indestructible". Note in particular this:
The most significant feature, however, is the inclusion of peer-to-peer technology in the latest version of the botnet's code. The rootkit uses the Kad peer-to-peer network, used by filesharing software eMule, to communicate between nodes. Using Kad, the botnet creates its own network of infected computers, allowing the machines to communicate with each other without relying on a central server.
Now, I have no idea whether this is related, but I recently had to disable KAD in aMule as my router ADSL modem stopped being able to handle the traffic. The issue wasn't bandwidth, AFAICT, but open connections or something. My ZyXEL was literally choking, even though I was delegating only 30% of my upstream bandwidth to aMule, with max. 178 connections in Preferences --> Connection.
Has anyone else seen anything unusual with KAD traffic? Any thoughts on the implications of this apparently extremely robust botnet on the aMule/eMule network?
Thanks.