A new botnet which specialises in sending out phishing spam has prompted security experts to call for enterprises to review their security protection.
The Asprox botnet uses a SQL-injection attack tool to hack websites and add yet more hijacked PCs to its army.
"Asprox is more than just another piece of botnet malware as it's what we call a 'hybrid'," said David Hobson, managing director of Global Secure Systems.
"It uses an SQL-injection attack tool that attacks legitimate websites to add to the overall botnet swarm."
Hobson explained that, while botnets and SQL injection attacks are nothing new, a malware infection that combines the two "darkware" vectors highlights the growing ingenuity of the hacker community.
"Most botnets are perpetrated these days by criminal gangs who are after your company's money. And if they can't get your money, they'll use your computers to damage your reputation. It's a simple as that," he said.
The rapid evolution of multi-vector malware like Asprox means that companies should now look seriously at multi-vendor and/or multi-layered IT security protection, according to Global Secure Systems.
"The days when firms could install a single security system on their IT resources are long gone," said Hobson.
"Companies need to review their IT security system on a regular basis and talk to their reseller about enhancing their systems to deal with the latest threats."
Hugely successful malware gets a new twist 23 Apr 2008
NCSA warns over danger posed by cyber criminals' weapon of choice 10 Apr 2008
Phishing and keyloggers highlighted as criminals go after the data 09 Jun 2008
But overall malware volumes still rising fast 01 May 2008NCSA warns over danger posed by cyber criminals' weapon of choice 10 Apr 2008
Phil Woolas practices what he preaches 23 Jul 2008
T Boone Pickens urges Senate to embrace plan to generate more than a fifth of US energy from wind 23 Jul 2008
New Combined Heat and Power plant to provide carbon netural energy to distribution centre 23 Jul 2008
More news
When faced with NGO criticism over their environmental performance, many firms simply batten down the hatches. But, as Paul Thomas argues, communicating with your detractors represents the best means of minimising brand damage 23 Jul 2008
Tom Whitehouse, chief executive of green PR consultancy Carbon International, offers tips on how green business startups can best attract investment 21 Jul 2008
Every business seems to want a green label or quality mark, but with so many certification schemes now available which one should they choose? Tilde Herrera investigates 18 Jul 2008 More in-depth
Post your comment
Send an email to the Business Green editor at feedback@businessgreen.com
