Lavasoft News - March 2007

Battling the Botnet Pandemic

Your home computer may be among the millions of PCs that are under the control of criminals, and worse yet, you may not even be aware of it.

Botnets, networks of compromised computers that hackers have commandeered, are one of the most serious and uncontrolled Internet problems of 2007, with experts warning that their rampant rule puts the Internet's future in danger.

Between 100 million and 150 million of the 600 million PCs on the Internet are under the control of hackers, estimated Vint Cerf, known as one of the "fathers of the Internet." In a panel discussion on the future of the Internet at January's World Economic Forum, Cerf, who co-developed the TCP/IP protocol that is at the base of Internet traffic, equated the spread of botnets to a disease that has reached a "pandemic" scope.

While most everyday computer users may be unaware of botnets, their effects show up all over the Net. Botnets are part of the multilayered and profitable crimeware industry, where the initial step is to infect and take control of a targeted computer.

"Computer users are often lured into installing software that they think is necessary for a download, and unknowingly install malicious software at the same time," says Christopher Allansson, Manager of the Lavasoft Security Center.

With the number of infected computers on the rise and no clear solution in sight, botnets threaten the cyber-world with real-life results.

Bot herders, the hackers who control botnets, can instruct thousands of computers to follow their orders, whether it's to propagate spam messages, launch fraud schemes or to issue denial of service attacks, targeting certain, often high-profile, websites in order to make them unavailable to users.

Once bot herders compile a group of compromised machines, they can sell it to fraudsters who are then capable of using the exploited machines for identity and data theft. An exploit can be sold for anywhere from $200 to $50,000 US dollars, Chad Harrington of FireEye told CIO Today.

The Internet's structure and resiliency has allowed it to keep functioning, in spite of attacks against it.

One of the most significant assaults on the Net, the February 7 distributed denial of service attack against domain name system (DNS) servers that manage global computer traffic, appears to have been the work of a botnet, experts say. At least two of the 13 DNS root servers were briefly overwhelmed, but Internet service was not disrupted.

Even with its known stability, researchers say an answer to the botnet problem must be found in order for the Web to survive. Improved operating system security and user authentication may help to alleviate the botnet threat, but neither is a failsafe solution.

The future may even see "disposable virtual PCs," accessed through the Internet, to cut down on the threat of virus infection, Michael Dell, the founder of Dell computers, said.

Whatever the solution, it is likely to take a coordinated effort to get the problem under control. According to Hamadoun Toure, secretary general of the International Telecommunications Union and panellist at the World Economic Forum, the botnet fight is a "war" that can only be won by cooperation between regulators, governments, security firms, telecom providers, and computer users.

"A step computer users should take, along with keeping their anti-virus and anti-spyware software up-to-date, is to always be aware of what they are downloading," Allanson said. "You should never install software if you are unsure of the vendor. If you have doubts, submit suspicious files to a free scanner service like for an analysis."

Home   arrow

Ad-Aware SE + Firewall - 30% off! Buy Ad-Aware SE + Lavasoft Personal Firewall bundle today and get up to 30% off! *Offers ends March 15th, 2007. All purchases will be eligible for a free update to Ad-Aware 2007
One of the so-called "fathers of the Internet" claims 100-150 million of the 600 million online computers are virus-infected components in botnet networks of PCs under control of hackers. Read who said it and what other predictions he makes in our story, "Battling the Botnet Pandemic."
Term of the Month
Botnet, shortened from roBOT NETwork, is a network of compromised PCs. It is a type of Remote Control Software, specifically a collection of software robots, or 'bots', which run autonomously. Botnets have been used for sending spam remotely, installing more spyware without consent, and for other illicit purposes.

Educate yourself by reading more terms in our Spyware Glossary.
Tech Tips
Having up-to-date firewall, anti-virus and anti-spyware programs is key in keeping your computer safe, but be prepared in the event of a system crash. Back up your files! Along with confidential documents, think of all those personal photos you may have stored on your PC. Don't lose them! Copy them onto a removable disc and store them in a safe place. It may seem like simple advice, but many computer users don't have any back ups at all.
Letters to the Editor
Many of you who wrote to us feel the so-called "spyware" teacher shouldn't be put behind bars and that malware is the real criminal in this case. Stay tuned to this story as sentencing is handed down March 2. In the meantime, read a few of your letters here (some have been shortened due to space limitations).
Lavasoft AB
Lilla Bommen 1
411 04 Gothenburg
Page footer