Arbor Networks researchers have discovered a new botnet that compromises machines infected with the Heloag Trojan.

"Once on the machine, the Trojan loads itself into the Windows directory and installs a registry key that ensures the malware will be loaded during the startup routine," writes threatpost's Dennis Fisher. "It then makes a connection to the C&C server for the botnet, often on TCP port 8090, to register itself and await commands."

"The Heloag Trojan effectively gives the attacker complete control of the infected machine, and provides a simple platform for him to load other malicious software," Fisher writes.

Click here to read the threatpost article.