
Phorpiex botnet returns with new tricks making it harder to disrupt
2021-12-16 11:00

The previously shut down Phorpiex botnet has re-emerged with new peer-to-peer command and control infrastructure, making the malware more difficult to disrupt.

The source code for the Phorpiex botnet is being sold on the darknet...

This time the command and control servers distributed a new botnet variant that included some new tricks to make it harder to find the operators or take down infrastructure.

When Phorpiex relaunched in September, Check Point saw it distributing a new malware variant called "Twizt" that allows the botnet to operate without centralized command and control servers.

Instead, the new Twizt Phorpiex variant added a peer-to-peer command and control system that allows the various infected devices to relay commands to each other if the static command and control servers are offline.

The Phorpiex botnet's evolution to use new peer-to-peer command and control features shows that the malware is still under active development.
