Source: Dark Reading
by Kelly Jackson Higgins
In this article “A large peer-to-peer botnet known for its resilience was spotted sniffing out potential victim voice-over-IP (VoIP) servers using an advanced stealth technique of camouflaging its efforts to recruit new bots.
The Sality botnet, which was first discovered in 2003 and has been estimated to have hundreds of thousands or more infected machines in its zombie army, scanned IPv4 addresses in February 2011 via a covert scanning method that flew under the radar, according to new research from the University of California-San Diego and the University of Napoli in Italy.
The researchers were able to observe the botnet’s activity via UCSD’s darknet, called the UCSD Network Telescope, which provides a passive traffic-monitoring system for studying malicious Internet activity. They will present their findings at next month’s Internet Measurement Conference 2012 in Boston.”