IRC Botnets Drastically Vanishing Though Not Completely Out
According to Team Cymru an Internet security monitoring company, which recently conducted a research, Web-controlled botnets currently are more in number compared to botnets that the conventional Internet Relay Chat (IRC) protocols control.
Further, according to the company, there occurs a twofold increase in the total number of command-and-control servers for botnets every one and a half year, with HTTP-based botnets in the lead that are more difficult in detecting as well as stopping compared to the earlier IRC-based botnets. Indeed, C&C servers based on HTTP exceed C&C servers based on IRC in the proportion of 10:1, reports Cymru. Tjreatpost.com published this on November 16, 2010.
Notes the security company that previously the sole method for regulating armies of hijacked computers were IRC channels, but now since many years, this approach is no longer in favor because there has started a predominance of increasing script-kiddie like methods for controlling botnets.
States ex-Detective of Scotland Yard and presently Team Cymru's Global Outreach Director, Steve Santorelli that IRC botnets are gradually vanishing as well as that they would have been completely out had policies of corporate security not been so poor which lets them to stay. Theregister.co.uk published this on November 16, 2010.
Santorelli elaborates that in plenty of organizations, the IT department rarely places any restriction on the flow of traffic via the 6667 network port despite that port designated solely for IRC-channels. And due to this control over computer servers in a manual way, traffic penetrates company firewalls without difficulty as well as successfully arrives on the systems that are clients to the botnet, the Director explains. Garantstv.ru published this on November 17, 2010.
Further according to Santorelli, PCs linked with the IRC-botnet often have to keep interacting with the IRC protocol, whilst an HTTP-based malevolent network doesn't require doing so. Consequently, in the former instance it's much easier to spot contaminations compared to those in the latter. Meanwhile, IRC-botnets can be tackled via blacklisting Internet Protocol addresses as well as via using anti-virus programs. Nonetheless, according to the researcher, these threats shouldn't at all be ignored even if they may appear insignificant.
Related article: IRS Cautions Taxpayers of Recent Email Scam
» SPAMfighter News - 29-11-2010