Using a honeynet of three systems, researchers said they tracked more than 100 botnets in the past four months. Some botnets had only a few hundred bots while some had up to 50,000 hosts.
A botnet is "nothing more than a tool," with the most common uses criminally motivated, researchers said. Botnets are used to launch denial-of-service attacks, spam, sniff traffic, spread new malware, manipulate online polls and games, and for mass identity theft, they said.
Phishing, which tries to con people into divulging their personal data through bogus emails and web sites, can use botnets to generate the fake emails through their spamming mechanism, according to the report. The same bots also can host fake websites.
"Our research shows that some attackers are highly skilled and organized, potentially belonging to well organized crime structures," researchers said in their report. "Leveraging the power of several thousand bots, its is viable to take down almost any website or network instantly. Even in unskilled hands, it should be obvious that botnets are a loaded and powerful weapon."
The report, entitled "Know Your Enemy: Tracking Botnets," is available at www.honeynet.org