Feeds

Rise of the Botnets

Get in touch with your inner zombie

  • alert
  • submit to reddit

Securing Web Applications Made Simple and Scalable

The first half of 2004 saw a huge increase in zombie PCs. Also called bots, their average numbers monitored by security firm Symantec rose between January and June from under 2,000 to more than 30,000 per day - peaking at 75,000 on one day.

Botnets are computers infected by worms or Trojans and taken over surreptitiously by hackers and brought into networks to send spam, more viruses, or launch denial of service attacks.

Richard Archdeacon, Symantec's director of technical services, said: "Bot networks create unique problems for organisations and individual PC users as systems can be automatically upgraded with new exploits very quickly, allowing attackers to outpace efforts to patch or download security updates. We saw a steady increase in the number of bots during the reporting period. Variants of the 'Gaobot' family alone accounted for 67,000 submissions."

The latest edition of Symantec's global Internet Security Threat Report, notes that attacks against web application technologies are increasingly popular, mainly because security weaknesses are relatively easy to find. Symantec also reports that the time between the announcement of a vulnerability and the release of associated exploit code is becoming extremely short. The average vulnerability-to-exploit window is down to just 5.8 days. ®

Related stories

Telenor takes down 'massive' botnet
Phatbot arrest throws open trade in zombie PCs
The illicit trade in compromised PCs

The smart choice: opportunity from uncertainty

More from The Register

next story
Mozilla fixes CRITICAL security holes in Firefox, urges v31 upgrade
Misc memory hazards 'could be exploited' - and guess what, one's a Javascript vuln
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.