Thursday, August 27, 2009

Why Are Botnets So Important?

The Botnet and What It Is And Does


What used to be a meaningful piece of software allowing the legitimate sharing of program processing amongst a network of business PC's has now been turned into one of the most exploited and maliciously used pieces of software in the history of the internet.

The Botnet is now being used easily and maliciously for many things including the creation or misuse of SMTP mail relays for spamming (a SPAMbot), spamdexing (the practic of dishonestly manipulating search engines), click fraud, theft of sensitive information like application serial ID's, login ID's and passwords, and financial information like credit card numbers. But the most recent and problematic attacks have been the Denial of Service attacks on Twitter, Google, Facebook and Live Journal, just to name a few. They have been said to be "Massive and sustained (DDOS) attacks...and they are not finished yet!" stated a Security expert from Symantec's Security Technology Response Group.

The twitter attacks were one of the easiest to implement.

A trojan horse called Downloader.Sninfs was using Twitter's @update account to deliver commands to infected PC's. It posted links for web updates just like any account holder would. Then the unsuspecting users clicked on the links and received and spread the commands. After enough people did this, it created the DDOS attack in which we are all familiar with. The account on Twitter has since been disabled and is under investigation.

The botnet works by installing malicious software through what is known as "drive by downloads". These are downloads in which the user has authorized the download without fully understanding the consequences, or maybe unknowingly downloads a virus that is tacked on to an Active X control. The botnet's originator, or "Bot Herder", can then remotely compromise your PC and the network it is on rendering it a zombie.

The scariest thing about a botnet is that you most likely won't even know that you are infected unless you know what you are looking for! This is because most PC's involved in a botnet work normally. They hide their code within legitimate applications and email, and you are spreading them unknowingly but willingly. So what are you supposed to do about it? Tune in next time for solutions and tips and tricks for sniffing out a botnet and removing it from your machine...

Isn't it time to take back your PC?

No comments:

View My Portfolio & Samples

View Samples at Virtual Copy and JC Torpey's Portfolio.

Get writing tips and general news at the VCopy Blog.