Microsoft's 240-page report takes an in-depth analysis of botnets, and is intended to alert people and organizations to the growth and danger of malicious botnets. "Most people have this idea of a virus and how it used to announce itself," said Cliff Evans, head of security and identity at Microsoft UK. "Few people know about botnets."
Botnets are used to spew spam around the world, carrying out DDoS attacks on web services and sending phishing e-mails. Personal and private information can also be hoarded from infected machines and uploaded to locations for bot herders to retrieve and sell on in underground markets online.
"Once they have control of the machine they have the potential to put any kind of malicious code on there," said Mr Evans. "It becomes a distributed computing resource they then sell on to others." Some put more pressure on their bots than others. The report cites the Lethic botnet, which was responsible for 56 percent of all botnet spam sent between March and June, despite only accounting for 8.3 percent of known botnet IP addresses.
"It's phenomenal the amount of grip that thing has," said Mr Evans. In the three months between April and June 2010, Microsoft software has cleaned up more than 6.5 million infections, more than twice as much for the same period last year.
Defending against infections like this is pretty straight-forward according to Evans, who suggests that users simply ensure Automatic Updates on their operating system is on, firewall software is running, an A/V tool is installed and that users keep all third party applications (particularly those used in web browsers such as flash) up to date.
Written by: James Delahunty @ 13 Oct 2010 13:16