Big botnets and how to stop them
Here are the worst of the botnets, and ways you can try to stop them in their tracks
There are hundreds of botnets, ad hoc networks of Windows PCs that are infected with one or more programs to let them do the bidding of their controllers, some are far more trouble than others. While you can't afford to ignore any botnet threat, here are some of the worst of the worst.
"When it comes to Botnets, size does matter," said Scott Emo, head of endpoint solutions at Check Point, a network and endpoint security company. That's because "the larger the botnet network, the more "robot soldiers" the botnet operator has to do damage."
[ See also: The Botnet Business ]
You shouldn't get too wrapped up though in who's the baddest of the bad. Richard Wang, the manager for anti-virus company SophosLabs US commented that, Sophos "tracks botnet activity based on spam that we see, sites that malware calls back to for updates and instructions, and known malware repositories. However, we do not track individual botnets as such."
Wang continued, "Take for example the Zeus (aka Zbot) botnets. While many report that Zeus is a significant threat, they fail to explain that it is not a single botnet. Instead it is a toolkit allowing individual criminals to set up similar but separate botnets of their own. Concern about the top 5 botnets is like worrying only about crime caused by the FBI's most wanted. While they are undoubtedly serious, the chances are that if you are attacked it will be by some much smaller fry."
It's also hard just to pin down a list of baddies as Timothy Armstrong, anti-virus researcher, for anti-virus firm Kaspersky Lab pointed out, "It is hard to measure which five are currently the worst."
Armstrong continued, "While we have a botnet like Conficker (also known as Kido by Kaspersky) that is very wide spread, it has a lot of potential to do damage but has not done anything significant yet, as compared to other botnets of smaller size. Due to the work of the Conficker working group, this botnet has been all but abandoned. Zeus is currently a very large threat, as the malware is found in a large portion of malicious mail attachments."
He added, "There is not one particular botnet for Zeus. Recent versions are sold for big bucks while older versions may be found for free. Every cyber criminal using it configures it uniquely - thus creating many unique Zeus botnets.
Certainly we must also mention Koobface, which began as a Facebook-specific botnet but has grown to include Twitter, MySpace and other social networks in its attack vectors. Kaspersky estimates that there are around half a million Koobface clients active on any given day, though due to varied networking infrastructures, it is hard to pin down an exact number. Beyond these three results vary greatly.
- Transforming Information Security: Future-Proofing Processes This report provides a valuable set of recommendations from 19 of the world'd leading security officers to help organizations build security strategies for...
- The Evolution of Corporate Cyberthreats Cybercriminals are creating and deploying new threats every day that are more destructive than ever before. While you may have more people devoted...
- 3 Questions to Ask Your DNS Host about Lowering DDoS Risks Neustar has had wide-ranging conversations with clients wanting to know how they can optimize protection as DDoS attacks increase in frequency and size.
- The Danger Deepens: 2014 Neustar Annual DDoS Attacks and Impact Report This report compares DDoS findings from 2013 to 2012, based on a survey of 440 North American companies, including 139 businesses delivering technology...
- Establish Cyber Resiliency: Developing a Continuous Response Architecture Many enterprises fail to proactively prepare the battlefield for a data breach by only leveraging outdated techniques that focus on the perimeter or...
- An Incident Response Playbook: From Monitoring to Operations As cyber-attacks grow more sophisticated, many organizations are investing more into incident detection and response capabilities. In this webcast, learn how to develop... All Cybercrime and Hacking White Papers | Webcasts