Botnet ranks exploding

Powered by SC Magazine
 

The number of computers currently controlled by botnets has exploded in recent months, say researchers.

The number of computers currently controlled by botnets has exploded in recent months, say researchers.

Recent figures recorded by the Shadowserver Foundation revealed that in the last 90 days, the number of computers infected by botnets has quadrupled.

The increase comes despite a slight drop in the number of botnets, leading researchers to believe that the increase has largely been to the benefit of the large, established operators in the market.

The increase has also come despite little to no increase in the volumes of new malware and viruses being discovered in the wild, leading some researchers to believe that computers are being infected through web-based attacks, most specifically, SQL injection.

Sans researcher John Bambenek noted that the increase in botnet infections seems to coincide with the appearance of large-scale SQL injection attacks, in which hundreds of thousands of individual web pages were compromised with embedded exploit code.

Bambenek said that because many security firms lack a mechanism for accurately rooting out the SQL attacks before they become widespread.

"Short of spidering the web on a consistent basis, it gets difficult to find infected sites for that malware," he explained.

"It's one of the disadvantages of operating in a reactive fashion, we are behind the power curve for some time until we figure out a way to approach something close to parity."

Copyright ©v3.co.uk


 
 
 
Top Stories
Making a case for collaboration
[Blog post] Tap into your company’s people power.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
Tracking the year of CIO churn
[Blog post] Who shone through in 12 months of disruption?
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  69%
 
Advanced persistent threats
  4%
 
Unpatched or unsupported software vulnerabilities
  10%
 
Denial of service attacks
  6%
 
Insider threats
  11%
TOTAL VOTES: 1077

Vote