25 Percent of All Computers in a Botnet?
Beckham's_Ponytail writes to mention an Ars Technica article, with some disturbing news out of the World Economic Forum in Davos, Switzerland. Vint Cerf, one of the 'fathers of the internet', has stated that the number of botnets online is larger than believed. So large, in fact, that he estimates that at this point one in four computers is infected with botnet software. We've discussed the rise of botnets numerous times here on Slashdot, but the image of 150 million infected computers is more than a little bit sobering. With the extremely lucrative activities that can be done with botnets (such as password ripping, spamming, DDoSing), as well as reports of organized crime adopting 'cyber-terrorism' as a new line of income, is it likely that law enforcement will ever be able to curb this particular bane?
I think a bot is just a virus/trojan/rootkit in terms of detection/removal. I think it's named "bot" more because of its function, e.g. sleeping and waiting for commands from the bad guy to start spamming email.
meep
Like the ramen worm that affected most Redhat systems and then disabled the exploits it used? http://news.com.com/2009-1001-251311.html
This space is not for rent.
One interesting method is to query an anti-spam database using your IP address, and see if you are listed as a spam source. Quick checks can be done at robtex or dnsstuff.
If your IP address shows up on PSBL, CBL, SpamCop, or WPBL your host is probably infected and a source of spam or other abuse.
For Windows, use IE to go to Safety.live.com - Microsoft's official online free spyware, virus detector/remover (choose your language)
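The blocklist check described in the comment above (look up your own IP address in an anti-spam database) is an ordinary DNS query, so it can be scripted. The following is an added example, not part of the original thread: the two zone names are assumptions to confirm against each list's documentation, and the `resolve` parameter is a hypothetical hook so the lookup can be exercised without a network. It also handles IPv6 and resolvers that rewrite "no such name" answers, which goes slightly beyond what the comment covers.

```python
import ipaddress
import socket

# Assumed zone names for two of the lists named above (PSBL, SpamCop);
# confirm each against the list's own documentation before relying on it.
DEFAULT_ZONES = ("psbl.surriel.com", "bl.spamcop.net")
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
LISTED_RANGE = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(ip, zone):
    """Reversed address labels followed by the list's zone (RFC 5782)."""
    pointer = ipaddress.ip_address(ip).reverse_pointer
    # Drop the trailing 'in-addr.arpa' / 'ip6.arpa' and append the zone.
    return pointer.rsplit(".", 2)[0] + "." + zone


def check_dnsbl(ip, zones=DEFAULT_ZONES, resolve=socket.gethostbyname):
    """Map each zone to 'listed', 'clean', 'invalid-answer' or 'lookup-failed'."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in RFC1918):
        raise ValueError("private address: query with your public (WAN) IP")
    no_record = {socket.EAI_NONAME, getattr(socket, "EAI_NODATA", None)}
    results = {}
    for zone in zones:
        try:
            answer = ipaddress.ip_address(resolve(dnsbl_query_name(ip, zone)))
        except socket.gaierror as exc:
            # NXDOMAIN means the list has no entry for this address.
            results[zone] = "clean" if exc.errno in no_record else "lookup-failed"
        except (OSError, ValueError):
            results[zone] = "lookup-failed"
        else:
            # Real listings answer inside 127.0.0.0/8; anything else usually
            # means a resolver that rewrites NXDOMAIN, not a listing.
            results[zone] = "listed" if answer in LISTED_RANGE else "invalid-answer"
    return results


if __name__ == "__main__":
    # 127.0.0.2 is the test entry every RFC 5782 list is expected to carry.
    for zone, verdict in check_dnsbl("127.0.0.2").items():
        print(f"{zone}: {verdict}")
```

A "listed" result for the address your mail leaves from is a reason to inspect the hosts behind it, not proof of which machine is infected when several share one NAT address.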
There are a bunch of port scanner sites out there that can check the integrity of your firewall. DSL Reports has a decent one if memory serves. Use Spybot Search & Destroy, LavaSoft AdAware and a good antivirus like AVG or Avast. If you suspect that there is unwanted network traffic to and from your system, use Ethereal to see where it is going to and coming from. If you suspect an exploit of Internet Explorer, HijackThis can shed some light on it. Check the task manager process tab for suspicious looking entries and Google them. Lay off the pr0n! and v1agr@ emails.
By far the most powerful and versatile utility is The Geek Down The Street (TM), possibly surpassed by Your Local Computer Repair Shop (TM). Ultimately, there is no replacement for smart practices and secure software. Use an alternative browser like Firefox or Opera, or better yet pop on over to http://www.linux.org/dist/ and take your pick.
FairTax baby!
You can make yourself Slipstreamed XP Install disks with SP2 so you don't get infected. See http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp or http://www.theeldergeek.com/slipstreamed_xpsp2_cd.htm. It is well worth the time. Make a disk for next time.
"I say we take off, nuke the site from orbit. It's the only way to be sure."
Well, this Friday I've disinfected two of our (Linux) servers which had been infiltrated by abusing vulnerable CRM software (customers' installations). It doesn't matter if you jail this software and put it behind firewalls; these days it also doesn't matter what kind of architecture your server hardware is. It's quite enough to have a simple webserver with scripting capabilities and one single hole in the web software. The toolbox of today's crackers (or should I name them botnet consultants?) is huge enough to have success with simple trial and error. If the machine refuses to run x86 binaries, there are plenty of Perl and/or PHP scripts doing the same stuff. Today was really frustrating since I found 3 megs of well-designed tools and good code on a machine formerly known as secure. The quality of the tools leads me to the thought that crackers are a) well organized and b) paid for their work. Another frustrating part is the communication with different abuse helpdesks to track down this crap. Not to mention that it all ended up in Romania... Sorry for the sarcasm, but do you have *ANY* laws?
... I ask myself, why always me??
Oh... this is not my day, even Slashdot's captcha offers me "punisher"