Intel Security

Catch Me If You Can: Antics of a Polymorphic Botnet

The analogy that fits cybercrime is a game of cat and mouse — played between those fighting cybercrime and those seeking illegal profits. We see multiple examples in which technical innovation on both sides has resulted in one party advancing on one occasion and playing catch-up on another. This struggle has played out in multiple guises, as criminals have developed convoluted communications infrastructures to facilitate control capabilities for malware, payments, and laundering services for their ill-gotten gains.

McAfee Labs discusses many examples in reports, white papers, and blogs that present the cybercrime ecosystem, emerging trends, and our engagement with key partners to disrupt or take down such operations. Earlier malware milestones seem rather rudimentary today, but the inescapable fact is that cybercrime is very big business.

In early April 2015, a global law enforcement action — with assistance from McAfee Labs — took down a major botnet that infected over 100,000 systems globally. To understand the worm, its associated botnet, and the takedown, we have prepared some material. The report "Catch Me If You Can: Antics of a Polymorphic Botnet" provides an in-depth analysis of the polymorphic worm and its command and control infrastructure. The solution brief "When Evolution Turns Dark" explains how McAfee products can protect against this worm and others like it. View the global law enforcement takedown announcement and our coverage of the takedown on our blog.