Unique P2P Architecture Gives DDG Botnet ‘Unstoppable’ Status
2020-04-09 20:34

The coin-mining botnet known as DDG has seen a flurry of activity since the beginning of the year, releasing 16 different updates over the course of the past three months.

Proprietary P2P

In its latest version, the DDG botnet still uses IP or DNS for static C2 communications, but its new P2P network acts as "a fall-back [failsafe] that even if the C2 is taken down, the infected devices are still going to keep going and perform the mining tasks," analysts said in a blog on Wednesday.

"After more than two years of development, DDG has evolved from a simple mining trojan, to a simple P2P network using a third-party protocol framework, to using a self-developed P2P protocol," researchers concluded.

It's not huge by botnet standards, but DDG is likely highly effective, the firm said.

" more security researchers can take a good look at it and hopefully slow down the seemingly unstoppable DDG botnet," they added.


News URL

https://threatpost.com/p2p-ddg-botnet-unstoppable/154650/