Most botnet-infected computers reside in the US, according to figures released by Microsoft.
In version 9 of its Security Intelligence Report, Microsoft reported finding 2.2 million computers in the US under the control of botnets during the second quarter of the year. That figure represents roughly a third of all the bots Microsoft detected and approximately four times more than Brazil, which had the second highest total at roughly 550,000.
“Botnets are the launch pad for much of today’s criminal activity on the Internet,” blogged Adrienne Hall, general manager of Microsoft Trustworthy Computing. “In many ways, they are the perfect base of operations for computer criminals. Botnets are a valuable asset for their owners – bot herders – who make money by hiring them out to other cyber criminals to use as a route to market for cybercrime attacks such as phishing attacks, spam attacks, identity theft, click fraud and the distribution of scam emails.”
According to the report, a botnet known as Lethic was responsible for 56.7 percent of the botnet spam between March and June of 2010 using just 8.3 percent of known botnet IP addresses.
“Lethic is a closely controlled botnet that uses a custom binary protocol for C&C [command and control],” the report states. “A takedown of the Lethic C&C servers in January 2010 disrupted the attackers’ ability to send spam, although they subsequently regained control of the botnet.”
Spam of course is just one activity associated with botnets. Pushbot, for example, is a malware family based on a kit called Reptile and is therefore not a single botnet. As a result, the malware has been associated with a variety of capabilities, including distributed denial of service attacks.
“Over the past several years, cybercriminals have focused their efforts on monetising their malicious activities by victimising computer users,” said Elias Levy, senior technical director of Symantec Security Response. “Thus, they target countries that have a high personal net worth, advanced financial systems that allow the online transferring of funds and those with a lot of online shoppers. The US fits that profile quite well.”
Security researchers have increasingly turned to botnet takedowns as a way to fight back. Microsoft took the operators of Waledac to court, seeking to take control of 276 Waledac domains.
“Bot herders guard their botnets jealously and invest huge amounts of time, effort and money in them,” Hall blogged. “They spread their bots by a central command to masses of computer users through malicious software and user deception. By keeping a low profile, bots are able to infiltrate computers and devices and can quietly operate in the background, often undetected for years.”
OpenAI to create public benefit corporation in Delaware in effort to put it on even…
Italy's data regulator fines OpenAI 15m euros over lack of 'adequate legal basis' for data…
Suchir Balaji, who claimed OpenAI broke copyright law and threatened livelihood of content creators, found…
Japan Airlines says hours-long delay to dozens of flights caused by denial-of-service attack amidst New…
Probe finds ninth US telecommunications firm hacked by China-backed 'Salt Typhoon' hacking group, as companies…
Huawei's latest Mate 70 flagship smartphone range continues to use memory chips from South Korea's…