The attackers who created and distributed the Asprox botnet, which was discovered in 2008, have developed new tactics to avoid detection and continue spreading the threat.
Also known as Aseljo and Badsrc, Asprox scans websites in search of vulnerabilities. When a compromised machine is found, it uses phishing techniques to perform SQL injection attacks, which can spread malware onto thousands of machines. Although the attack has been well known to antivirus software since its discovery in 2008, its creators have developed new angles of attack in order to go unnoticed.
Attackers have widened their targeting to spread malware worldwide by employing spam email templates in numerous different languages. Phishing emails are now shielded by RC4 encryption and the use of authentic email accounts. The combination of these methods makes for a well-disguised attack.
Asprox is estimated to have infected up to 15,000 computers since its discovery back in 2008.