Botnet ranks exploding

Powered by SC Magazine
 

The number of computers currently controlled by botnets has exploded in recent months, say researchers.

The number of computers currently controlled by botnets has exploded in recent months, say researchers.

Recent figures recorded by the Shadowserver Foundation revealed that in the last 90 days, the number of computers infected by botnets has quadrupled.

The increase comes despite a slight drop in the number of botnets, leading researchers to believe that the increase has largely been to the benefit of the large, established operators in the market.

The increase has also come despite little to no increase in the volumes of new malware and viruses being discovered in the wild, leading some researchers to believe that computers are being infected through web-based attacks, most specifically, SQL injection.

Sans researcher John Bambenek noted that the increase in botnet infections seems to coincide with the appearance of large-scale SQL injection attacks, in which hundreds of thousands of individual web pages were compromised with embedded exploit code.

Bambenek said that because many security firms lack a mechanism for accurately rooting out the SQL attacks before they become widespread.

"Short of spidering the web on a consistent basis, it gets difficult to find infected sites for that malware," he explained.

"It's one of the disadvantages of operating in a reactive fashion, we are behind the power curve for some time until we figure out a way to approach something close to parity."

Copyright ©v3.co.uk


 
 
 
Top Stories
ATO shaves $4m off IT contractor panel
Reform cuts admin burden, introduces KPIs.
 
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  13%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  14%
 
Software development
  25%
TOTAL VOTES: 436

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  54%
 
No
  46%
TOTAL VOTES: 210

Vote