Botnets Responsible for Majority of Malware Assaults
According to online security specialists, the most up-to-date malware assaults have one thing in common: they involve a botnet-based communication channel that connects an attacker remotely with the infected system.
Earlier, the key function of a botnet was to spew mild but irritating spam. Although many big botnets continue to do so today, they also carry out more malicious acts, such as targeted attacks against commercial enterprises or banking fraud through advanced Trojans.
Internet security specialists said that botnets consist of infected computers joined into networks and controlled by an attacker's Command-and-Control (C&C) system, which gives them instructions and updates the malicious software on the infected computers. Moreover, this attack model has proved useful to miscreants because it helps them keep their attacks undetected or unblocked while they stay concealed behind the bot army.
Joe Stewart, Researcher at the Counter Threat Unit of SecureWorks, said that there is always some sort of command-and-control for a botnet, whether it has a real server to connect to for taking instructions or a P2P system by which it can transmit cryptographically signed orders and updates, as reported by DarkReading on October 8, 2009. Stewart adds that the ultimate objective of several malware attacks is to install bots that can be directed by a C&C.
Besides, the FBI regards tackling cyber crime as a high-priority issue, partly because of an alarming proliferation of botnets that reach beyond corporate boundaries to spread infections behind corporate firewalls, as reported by Digital Library on September 30, 2009. Therefore, a new method is needed to thwart the growing risk of treacherous, targeted botnets and malware that make conventional security software unusable.
Gunter Ollmann, Vice President of Research, Damballa, said that this did not mean that all malware assaults originate from botnets or that all compromised systems automatically turn into bots, for there was already plenty of conventional malicious software in existence, as reported by DarkReading.
Finally, Internet security specialists said that since botnets could be prevented from being shut down through IP address filtering, they were a more durable model for attackers.
» SPAMfighter News - 28-10-2009