Recent figures recorded by the Shadowserver Foundation revealed that in the last 90 days, the number of computers infected by botnets has quadrupled.
The increase comes despite a slight drop in the number of botnets, leading researchers to believe that the increase has largely been to the benefit of the large, established operators in the market.
The increase has also come despite little to no increase in the volumes of new malware and viruses being discovered in the wild, leading some researchers to believe that computers are being infected through web-based attacks, most specifically, SQL injection.
Sans researcher John Bambenek noted that the increase in botnet infections seems to coincide with the appearance of large-scale SQL injection attacks, in which hundreds of thousands of individual web pages were compromised with embedded exploit code.
Bambenek said that because many security firms lack a mechanism for accurately rooting out the SQL attacks before they become widespread.
"Short of spidering the web on a consistent basis, it gets difficult to find infected sites for that malware," he explained.
"It's one of the disadvantages of operating in a reactive fashion, we are behind the power curve for some time until we figure out a way to approach something close to parity."
Botnet ranks exploding
By Shaun Nichols on Sep 3, 2008 3:38PM