Kaspersky Lab releases a new article "The botnet business"

13 May 2008
Virus News

Kaspersky Lab, a leading developer of secure content management solutions, has published an article entitled "The botnet busines" by senior virus analyst Vitaly Kamlyuk. The article describes how botnets (also known as zombie networks), which have evolved into one of the most serious information security threats, are created and operated. The article is the first in a series of publications on the botnet problem.

Botnets have been in existence for about 10 years; experts have been warning the public about the threat posed by botnets for more or less the same period. Nevertheless, the scale of the problem caused by botnets is still underrated.

A botnet is a network uniting computers which are infected with a malicious program that enables cybercriminals to remotely control the infected machines. Malicious programs that are designed specifically to create botnets are called bots. The owner of a botnet can control the computers which make up the network from anywhere in the world – from another city, country or even another continent. Importantly, the Internet is structured in such a way that a botnet can be run anonymously.

The owner of an infected machine usually does not even suspect that the computer is being used by cybercriminals. Most zombie machines are home users’ PCs.

Botnets can be used by cybercriminals for conducting a wide range of malicious activities, from sending spam and engaging in blackmail and phishing to attacking government networks.

Today, cybercriminals need neither specialized knowledge nor large amounts of money to get access to a botnet. The underground botnet industry provides everyone who wants to use a botnet with everything they need, including software, ready-to-use zombie networks and anonymous hosting services, at low prices.

Today, botnets are among the main sources of illegal income on the Internet and are powerful weapons in the hands of cybercriminals. It is totally unrealistic to expect that criminals will relinquish such an effective tool; security experts, anticipating the continued development of botnet technologies, view the future with some trepidation.

It's not only cybercriminals who have an interest in creating international botnets. Such botnets can be used by governments or individuals to exert political pressure on opponents.

Networks which unite the resources of tens or hundreds of thousands or even millions of infected computers, pose a potentially very serious threat. This potential has not yet been fully exploited. Virtually all this cyber power stems from infected home computers, which make up the overwhelming majority of zombie machines exploited by cybercriminals.

The complete article can be found on Viruslist.com. The Executive Summary is available on the Kaspersky Lab corporate website.