Bitdefender Experts Identify New TDL Malware Variants

Take a look at what's different compared to previous versions

May 1st, 2013 21:01 GMT

Security researchers from Bitdefender Labs have uncovered some new variants of the notorious TDL malware, a threat that's designed to infect the master boot record of computers.

One difference between these and older TDL versions is that the new samples use file names made up entirely of digits. Previous variants used more intuitive file names, such as ldr16/ldr32/ldr64/mbr.

The configuration file is pretty much the same as the old one, except that the new one contains almost no readable strings.

“Unfortunately, the TDL bootkit family remains relatively unknown in the wider IT security community, as the low detection rates from other major antivirus companies prove,” Bitdefender experts noted.

The company has updated its rootkit remover to ensure it can detect and remove the latest TDL versions.
