Tuesday, July 28, 2009

Botnet Threat



The internet is a network of linked computing systems. A botnet is a linked network of hijacked computers, a type of mini-internet within the net, that can be used to attack networks or even entities as large as an entire country’s network.

How: The huge number of computers that comprise the botnet allows it to execute brute-force attacks, overwhelming defenses through Distributed Denial of Service (DDoS) or through massive spam flooding. Malicious code is spread through attachments sent in email; this code forces the subverted computer to perform automated tasks on command. Other infection methods have included a subverted Republican Party website and the exploitation of YouTube and Yahoo applications.

Where: Due to its distributed nature, there is no known primary location for the largest botnets.

Numbers: The Storm botnet has been variously estimated at between 160,000 and 50 million slaved computers. Nugache is a more recently identified botnet.


Some botnets have responded with apparently automated defensive attacks directed towards researchers and anti-spam software vendors. Recoding its viral code twice an hour has been one propagation technique that has allowed botnet code to infect despite antiviral/malware protections on some






1 comment:

  1. Apparently the DDoS attack on Twitter was orchestrated through a botnet: http://bits.blogs.nytimes.com/2009/08/07/attack-on-twitter-came-in-two-waves/?partner=rss&emc=rss