Kaspersky Lab presents a new analytical article from Yury Namestnikov, antivirus analyst at Kaspersky Lab. The article entitled “botnet economics” discusses the various applications of zombie networks and explains how Cybercriminals use them as a money machine. The full version of the article is available at www.viruslist.com while a summary can be found at www.kaspersky.co.uk/threats.
A botnet is a network that consists of computers infected by malicious software, which allows Cybercriminals to control the infected machines remotely without the users’ knowledge. Botnet owners’ sources of income include DDoS attacks, theft of confidential information, spam, phishing, search engine spam, click fraud and distribution of malware and adware.
A botnet is an ideal tool for carrying out a DDoS attack. Such attacks can be used as an instrument of unfair competition or be manifestations of cyberterrorism. Confidential information kept on users’ computers can also be targeted by botnet owners. The most valuable data includes credit card numbers, financial information and passwords to various services.
New phishing sites are now mass-produced by Cybercriminals, with botnets used to protect sites from closure. The income from phishing is comparable to that from the theft of confidential data using malicious programs and adds up to millions of dollars per year. About 80% of all spam is sent via zombie networks. In the past year, spammers made about $780 million.
Resources provided by zombie networks can also be used to distribute adware and malicious programs. Online advertising agencies that use the PPC (Pay-Per-Click) scheme pay for unique clicks on advertisements. Botnet owners can make significant amounts of money by cheating on such companies. About 17% of all advertising link clicks in 2008 were fake, of which a third was generated by botnets.
Today, the most effective method of combating botnets is to join the forces of antivirus experts, ISPs and law enforcement agencies. Such cooperation has already resulted in the closure of three companies: EstDomains, Atrivo and McColo, whose servers hosted command and control centers for major spam botnets.
According to the author, only law enforcement agencies can stop the command and control centers and catch Cybercriminals. On the other hand, it is obvious that without help from users, combating botnets cannot be effective, since it is home computers that make up the lion’s share of all bots. It is important for users to stick to simple IT security rules.
This material can be reproduced provided the author; company name and original source are cited. Reproduction of this material in re-written form requires the express consent of Kaspersky Lab’s Public Relations department.
To find out more about Computer Threats visit: http://www.kaspersky.co.uk/threats.