G Data detected a botnet that is hidden within the Tor network

G Data has discovered a new zombie network that leverages the Tor network to keep the cybercriminals behind it anonymous. Tor encrypts the messages that are sent through it and hides users' IP addresses (the physical addresses of the devices, something like their identification on the network). The new zombie network is capable of organizing denial-of-service (DDoS) attacks and stealing personal information from infected computers.

The Tor (The Onion Router) network was created to let users communicate across the network without having to reveal their IP addresses and other personal information, because the information travels through many routers. This network uses the Internet Relay Chat (IRC) protocol, a platform that was popular a few years ago but has fallen into disuse. However, it is not an alternative to the usual connection, but a plug-in that works in parallel. The new botnet or zombie network discovered by G Data uses the Tor platform to host its server and prevent the authorities from tracking the physical location of the criminals.

In addition to this layer of protection, the zombie network is capable of organizing DDoS (denial-of-service) attacks. Such attacks have become very popular in recent times, with the rise of cyber. The greatest exponent of this new power is without doubt Anonymous, which has managed to temporarily block the websites of various institutions it was protesting against through the joint attack of many computers. The cybercriminals can also download other pieces of malware onto the compromised machine and run them without the user being aware that an attack is taking place.


On the other hand, private information of the users who have been infected by the malware can be collected through the botnet or zombie network. Because the information flows through the encrypted network, it becomes more difficult for security systems to capture its activity. But that doesn't mean that this new zombie network is infallible, since it also inherits some negative aspects of the Tor network. Despite the advantages of the complex encryption applied to the data sent, the network is not very stable and is quite slow (the IRC protocol has certainly become obsolete).

It should also be taken into account that the malware used to infect computers can be detected by the antivirus products on the market, especially those that incorporate malware detection based on behavior analysis (these security solutions monitor the system for strange behavior and block it before it can damage the equipment).