We all hate botnets, and the worst part is that there is not enough we can do about them. In fact, they are spreading faster than ever! This is quite evident from the Global Botnet Map recently published by Trend Micro. The map shows active C&C (Command and Control) servers, highlighted by red dots, and bots (victim computers), highlighted by blue dots, to show where these botnets are located in the world.
Trend Micro uses its Global Threat Intelligence to gain insights and develop protection for its customers. As per the Global Botnet Map, 615 C&C servers were active in the last 14 days, while 488,251 active botnet connections were found. Though this is a massive figure, the positive side is that by knowing exactly where command and control servers are located, Trend Micro can block them. This ensures that its customers are not served malware, and that malware does not upload information stolen from their computers to the C&C servers.
Botnets are nasty by nature, as they are pretty much unstoppable and grow abruptly. Not long ago, we saw an innovative fraud scheme from Europe that involved dual infections of PCs and smartphones. Reports describe a sophisticated malware and botnet system known as “Eurograbber” that has been used to steal over $47 million from European victims to date.
“Botnets are the ‘cloud-computing’ of malware strategy,” says HackANGLE editor Kyt Dotson. “Not too long ago, people started to understand distributed global computing power with projects such as Beowulf clusters and the SETI@Home projects; but being able to turn an unsuspecting person’s machine into a general-purpose actor is a real benefit to bad guys. By placing arbitrary code on your machine it can become a zombie for a spam army, a sensor for an illicit network, or even a place to temporarily store illicit information.
“Businesses such as Microsoft have worked long and hard to hunt down, terminate, or neuter botnets. Groups like Trend Micro also lend their expertise to help map the spread of this type of malware and study post-mortem (or in situ) the new strategies that have emerged not just from infection types but command-and-control. We’ve even seen governments tapping into the idea of deploying or using botnets themselves to spy or control potential targets. We can expect botnets to continue to be a big deal in 2013.”
Credit goes to Trend Micro, which is always going after these botnets. If you use Skype, you may remember the odd message coming from some of your contacts that says, “lol is this your new profile pic?” The explosion of this Trojan through various gaming communities was covered by SiliconANGLE, and Trend Micro’s malware labs have identified the malware as a variant of DORKBOT. Trend Micro also noticed that it uses localization based on the geolocation of the system to choose the language of the message.