McAfee: New botnets dwarf Conficker threat
The Conficker worm, which has set off many a recent security alarm bell, may just be a small fry, compared to the growing number of botnets, viruses, and worms infecting cyberspace.
According to a report released on Tuesday from security vendor McAfee (PDF), cybercriminals have hijacked 12 million new computers since January with an array of new malware. This represents a 50 percent increase in the number of "zombie" computers over 2008.
(Credit:
McAfee)
The United States now hosts the world's largest percentage of infected computers, 18 percent, according to the McAfee report. China is next on McAfee's list, hosting 13.4 percent of the world's infected PCs.
"The massive expansion of these botnets provides cybercriminals with the infrastructure they need to flood the Web with malware," Jeff Green, senior vice president of McAfee Avert Labs, said in a statement. "Essentially, this is cybercrime enablement."
The McAfee report doesn't minimize the danger from the Conficker worm but says other threats that haven't received media attention may pose greater risk. One piece of malware, the Vundo Trojan horse, has been especially active the past three months. Botnets using Web 2.0 technology via social networks also are on the rise. The recent Koobface virus infected thousands of Facebook users, for example, as it was passed along from friend to friend.
Spam levels are threatening to rise again, the report adds. Spam had dipped 30 percent from its peak in the third quarter of 2008 after last November's shutdown of McColo, a major spam-hosting Internet service provider. But since then, the volume of spam has shot up 70 percent. McAfee expects that number to grow to its 2008 level, even though spammers are taking longer than expected to recover from the McColo takedown.
(Credit:
McAfee)
The report challenges one myth--that cybercriminals based in Eastern Europe favor Western targets. Instead, McAfee has found no boundaries for cyberthreats. It notes that key Russian and Eastern European government agencies and corporations have themselves been compromised, and that spammers are hitting more countries with worms and botnets in an effort to spread their efforts globally.
Lance Whitney wears a few different technology hats--journalist, Web developer, and software trainer. He's a contributing editor for Microsoft TechNet Magazine and writes for other computer publications and Web sites. You can follow Lance on Twitter at @lancewhit. Lance is a member of the CNET Blog Network, and he is not an employee of CNET. 
Even more interesting being that Mac's are retardedly easy to crack because they have no countermeasures at all most of the time, unlike Windows - because they're so virgin to the real world where things of value are actually stored on them in enough quantity to attract hackers. After all, the MacBook was the first one to be cracked once browsers were allowed, simply because the players in the competition did not have to fight through countermeasures - just find a niche and exploit it.
Face it, AppleRocks1963, all OS's have their pro's and cons. However, security through obscurity is not a pro in the Mac's corner - you're just delusional if you believe it is.
I love your response!
I also wonder why the Apple Fanboiz (lol) never seem to remember than in 2 years running, back-to-back, their OS has been the first and easiest to crack, yet they claim "secure right out of the box".
I think that's laughable.
A self replicating program cannot install itself on a Mac and spread through a network without direct user knowledge. It cant happen. If it can, please explain....
Before a little over a 2 years ago, Windows allowed just about anything to happen without user knowledge. It took Microsoft until XPSP3 to start filling the gaping holes in their OS.
There is just no denying that MS sat on their hands much, much too long.. and lazily relied on 3rd party solutions for their OWN security issues. Mom and Pa shouldn't have to know where to find "free AV" software... they should have to be left out in the cold when the preinstalled Norton stops working.
No matter how you spin Mac/PC security.. it's the PC side that has the problem. Some computer nerd that spend weeks coming up with an exploit that he needed physical access to implement is not the same as MILLIONS of dollars spent each year just to keep an OS running! It amazes me that so many people thinks MS laziness is OK!!!
That only happened in a controlled environment. It required an action from the user (clicking a malicious link). These things do not happen to Macintosh computers in the wild. But Windows computers can't spend 1 hour on the Internet without being bombarded by viruses, trojan horses, worms, spyware, adware, and just general malware. My neighbours asked me to help them with their Windows XP machine this past week. I couldn't even open up and run the antivirus software. It kept launching ads and a fake antivirus program instead. It wouldn't even respond to mouse clicks eventually. I had to boot it into safe mode and install a new antivirus program. The blasted thing kept opening ads in IE (worst browser ever). It eventually found 116 infected files. Once cleaned, the system was incapable of booting up normally. I did save all the user data and had to reinstall Windows XP. I tried to talk them into running Xubuntu, but as is most common, they had no idea how to do anything but tool around in Windows. This is a prime example of a regular user experience, and why I will never use a Windows machine as my primary computer. There are too many superior alternatives out there. There is no reason why any sane, rational human being would purposely subject themselves to Windows.
Oh, and the next day, my other neighbour called me in a panic. Microsoft Word had erased half of her research paper. I've never seen Open Office or Pages or AbiWord or any other word processor/desktop publishing program do that. Only a Microsoft product would commit such an egregious sin.
Does it matter how long it took for the exploit to be found?
It was still found and weeks is not that long of a time to find a exploit most exploits in Windows take months or years to find.
http://news.cnet.com/8301-1009_3-10154662-83.html
The Macintosh and base Linux kernel operating systems have dominated the top spots for vulnerabilities by operating system over the past three years
If you actually read the article, those were numbers on the amount of vulnerabilities that were disclosed to the public. The article said nothing about how severe those vulnerabilities were or if they were being used. Might I suggest a course on improving your reading comprehension?
It doesn't matter still more vulnerabilities my friend.
That is not what the article said, please reread it.
Amen
http://www.appleinsider.com/articles/09/05/04/macbooks_sweep_latest_consumer_reports_scores.html
I love your FUD ridden views the average user will never touch the registry.
And I find it funny you point out us using the command prompt thats why that a good majority of the solutions to Apple problems require typing commands in the terminal?
Name one.
Your comments and link to the AppleInsider blog posting have already been debunked as incomplete and misleading. You need to actually subscribe to the consumer reports site to get to the article content which only compares laptop hardware, not operating systems.
It wasn't a comparison of OS X and Windows at all. You would know this if you read the original article instead of taking a blog posting as your evidence.
If you insist on continuing to use Windows, please, for the love of God, use anti-malware programs!
In Vista UAC stops any unauthorized programs from running.
Its not like you can just put a Windows machine on the internet and have it hacked with no user cooperation.
I think your paycheck from Apple is in your mailbox better go get it.
[Editors' note: Personal attack deleted]
I can surf the same web sites, carry out the same actions as a computer running Windows, yet my Macintosh or Linux machine is virus free. And even if a trojan horse or worm is downloaded onto one of my machines in an e-mail, it never executes. And by some miracle it ever did, it'd only infect that user, not the entire OS, as is the case with Windows.
Please stop engaging in trolling and flaming. Personal attacks are against policy.
In Vista UAC stops any unauthorized programs from running.
----------------------------------------------------------------------------
ROFLMAO!
Oh wow, thanks monkeyboy. I haven't laughed that hard in days.
The only malware I ever find on my parents' macs is that stupid HP phone home software they install with printer drivers, even when you say not to. ;)
The combined wealth of billions of Windows PC's are much more then a few Mac's and the assumptions that only poor people buy PC's is what stops people from buying Mac's in the first place.
Let me give you a lesson in marketing generally insulting your potential customers doesn't make sales.
there are 1000 people in a room
900 average people have $25 for a total of $22500
100 rich people have $100 for a total of $10000
if you were told that you can scam all of the same type of people with one technique
what group of people will you try harder to scam?
I find it interesting how you call Americans stupid even though we are the most advanced country in the world how ironic.
Your misuse of the word "ironic" only proves my point and it doesn't change the fact that most people are too lazy or stupid to understand how to secure their computers. Computers aren't enthusiast machines anymore. They have been relegated to the realm of appliances. Very few people ever take the time to learn the inner workings of their appliances.
To paraphrase George Carlin, "you know how stupid the average person is? Think for a moment that half the people are dumber than that!"
Now the Mac botnet is alive and well. Those infected never even know it is happening. They never know that their personal information is now being broadcast to the highest bidder. :/
Everyone should take precautions with their online activity. Just be sensible regardless what OS you are running because in the end, they all get compromised.
Should the article also note that to become part of the Mac botnet you have to:
1 - Go download some stolen software from a warez site
2 - Give your admin password to install it on your computer
3 - Congrats, your now part of the Mac botnet.
There's no system that can protect against that kind of stupid.
- by Dalkorian May 6, 2009 9:38 AM PDT
- Reading these comments, I'm starting to think the biggest problem is the fact that some people have trouble distinguishing between a virus (a piece of code that is capable of copying itself and typically has a detrimental effect), a worm (a self-replicating program able to propagate itself across a network, typically having a detrimental effect) and a trojan horse (a program designed to breach the security of a computer system while ostensibly performing some innocuous function - in simple terms malware that tricks the user into installing it). Once we get people to figure out they are different flavors of malware, we can start teaching them something about security.
- Like this Reply to this comment
-
(38 Comments)Until then, they'll just keep defending winblows. Why? Because they don't see viruses, worms and trojan horses around them, they just see "malware" (typically misnamed "virus" by them, likely because it's become such a common term thanks in part to the swiss cheese security winblows has always and likely always will suffer). Every OS ever designed by man has and will be vulnerable to trojans due to the nature of them, therefore all OS's are "lacking in security" to the winblows user.