October 1, 2007 6:32 AM PDT
F-Secure sees smaller botnets on the rise
Computers infected with a virus become "zombies" in a botnet, without their owners' knowledge. A botnet is a network used to send out spam and to mount further attacks on other machines. The zombie army can be controlled remotely, with the botnet creators usually trying to build the largest possible botnet of compromised computers to rent out to gangs for as little as $100 for a couple of hours.
But researchers at antivirus company F-Secure have reported seeing these large networks being broken down into smaller groups of compromised computers, because building large botnets is not generating as much revenue for such cybercriminals.
Mika Stahlberg, program manager of the security response team at F-Secure, said the company is still seeing very big botnets around the world, but coders are no longer trying to build as big a botnet as they can, because that does not make any more money than a collection of smaller botnets.
The botnet bandits are also erring on the side of caution by steering away from larger botnets, because if the central server controlling such a network goes down, then the entire botnet is lost, according to F-Secure.
"These people don't want to put all their eggs in one basket and are, therefore, running smaller botnets," Stahlberg added.
Malicious-software writers are also getting lazy, according to F-Secure, and are no longer attempting to trick companies by using increasingly complex viruses.
Sean Sullivan, technical expert at F-Secure, said virus writers can no longer beat security companies with complex codes and are therefore trying to do it by creating "malware factories" that swamp the security companies.
"It used to be a big event when a virus came along," Sullivan said, "but now we get 10,000 (malicious-software samples) a day, most of which are variations on the same code."
F-Secure employs a 16-person response team at its Finnish headquarters to monitor and detect malicious-software activity using tools such as a Google Earth mashup and a mobile-phone bunker to test viruses.
Gemma Simpson of Silicon.com reported from London.