H-Desk.com - PC Security matters - Protect your PC privacy
Jan 22, 2009
Invasion of Botnet: Is Your Computer a Zombie?
by atomic cabbage / General
About 15 percent of all computers with internet connection are infected with bots, a report on emerging threats for 2009 from Georgia Tech Information Security Center estimates, and your PC might be among them.
It's however, hard to tell, because 'bots' are good at hiding 'in the dark corners' of your PC. Somewhat grimmer estimations came from Vint Cerf, one of the 'fathers of the internet', who told two years ago that about 25% of the 600 million computers connected to the Internet have been compromised by a bot of one kind or another.
More reasons to be worried about are further experts' predictions that botnets will be among top threats in year 2009, not only for computers, but also for mobile devices.
But first, here's a definition of 'botnet' term. A 'bot' is a type of malware which allows an attacker to gain complete control over the affected computer. Computers that are infected with a 'bot' are generally referred to as 'botnet' or 'zombies'. These computers connected to the internet are set up to forward transmissions including spam or viruses to other computers on the internet, although the users are unaware of this.
Infected PCs also harvest private data from infected machines, and can be used to redirect transmissions to a specific Web site or server that can be closed down by having to handle too much traffic. Botnet can be used for distributed denial-of-service (DDoS) attack as well as hosting phishing sites and other illegal content.
With the extremely lucrative activities that can be done with botnets (such as password ripping, spamming, DDoS attacks) no wonder why they became favorite tool of 'cyber-terrorists'.
Many ‘bots’ are downloaded silently in the background, simply by visiting an infected site, or having firewall ports open or inadequate protection.
Users of affected PCs are usually unaware that they are infected, because as said before, bots are good at hiding, which makes botnet more efficient in their attacks.
Usual symptoms that signals something is wrong and that you might be infected with a bot is when your computer seems to slow down or crash for no apparent reason. You might suspect that there is some malware running in the background causing a problem.
Sometimes a standard check with your antivirus or antispyware program may reveal the problem. So it's really important to keep them up to date on daily basis.
But, because of botnet 'sneaky' nature you often won't be able to detect them with standard procedures such as scans, or manual checks of running processes, folders or registry.
Some companies like Trend Micro offer free solutions against botnets. One of them is RUBotted, which once downloaded and installed, sits in the taskbar and monitors all traffic and will warn you when your system has been compromised.
Link to this useful program and more info about it:
It was already said that the botnets will be 'threat trend' this year. Many of them will be used to distribute spam following the success of three major bots in the last year: Storm, McColo and Bobax/Kraken.
Some of the botnets to be watched in 2009 are:
Cutwail - Can be seen sending a wide variety of spam, including pharmaceuticals, replica watches, online casinos, phishing mule come-ons and malware.
Rustock - Can be seen sending spam for enlargement products, hidden inside newsletter templates swiped from legitimate companies, in an attempt to bypass content filters.
Donbot - Has been seen sending spam for weight loss drugs, stock pump-and-dump and debt settlement offers.
Ozdok - Although Ozdok has a relatively small set of bots compared to some of the other botnets listed here, it is quite capable of pumping out a generous amount of spam, most of it related to enlargement products.
Other minor also include: Xarvester, Grum, Gheg (called 'swiss-army-knife of spambots'), Cimbot and Waledac.
More info on: http://www.secureworks.com/research/threats/botnets2009
Predictions for 2009 are grim. Users, especially those who are less experienced in computer security will be affected, which will lead to further increase in percentage of PC affected with botnets. Attackers will push hard to promote their, so far the most efficient tool, bots.
And there are three simple reasons for that - bots easily infect, they're hard to be discovered and they bring lucrative income to criminals.
You've done math enough to figure out what will be their priority this year.
Just be aware not to become another zombie in their net.
Readers posted 0 comments for this article