Malware infestations can be bad, but this takes the taco.

23 January 2007

I was wrong, things can get more weird. Malware researcher Joe Stewart has been working on a new infective agent called SpamThru, and discovered some very unusual things about it: It goes to incredible lengths to ensure that it is the only infection on the machine in question, namely, it downloads and installs a pirated copy of Kaspersky Antivirus, hacks it so that it doesn't check for a valid license key, and scans the infected machine to get rid of every other piece of malware that isn't SpamThru. Control of zombied machines is done with a peer-to-peer protocol that can replace the central server in case it is ever discovered and shut down.