The World's Biggest Botnets
ancientribe writes "There's a new peer-to-peer based botnet emerging that could blow the notorious Storm away in size and sophistication, according to researchers, and it's a direct result of how Storm has changed the botnet game, with more powerful and wily botnets on the horizon. This article provides a peek at the 'new Storm' and reveals the three biggest botnets in the world (including Storm) — and what makes them tick and what they are after."
Imagine if somebody did this but donated CPU time to distributed computing projects like that one on cancer research. Forced philanthropy would be rather strange and still illegal, but at least slightly more noble in a Robin Hood sort of way.
This article provides a peek at the 'new Storm' and reveals the three biggest botnets in the world (including Storm) -- and what makes them tick and what they are after.
From the look of things, it appears that their sole purpose is to send me myspace friend requests from lonely, hot girls that have Tom as their only friend, and have selected me as the lucky person who gets to share in viewing their private, personal website, which has many photos of their naked breasts and vagina. Seriously.
The theory of relativity doesn't work right in Arkansas.
It's interesting that these articles don't even mention that Microsoft's insistence on running executable content from the browser is at the heart of all these problems.
Well thankfully I run Windows, which is inherently more secure than your "open source" systems. These botnet creators can look right inside your operating systems and see the vulnerabilities, whereas with Windows...
All of these articles on botnets such as Storm always mention home system vulnerability...
Well, let me point out for a second how, while it is dangerous for a single home system to be infected, it is a world worse when a business system becomes infected.
Within hours, typically that botnet has replicated to all of the machines on the internal network. Worse, now that botnet has access to your critical database information, consisting of customer records. Oftentimes, the brains behind these botnets can better datamine than your business can, finding interconnections with your customers to better flood them with spam, or worse.
At my job, one of our machines was hit with the Storm. We isolated it within minutes, but even then it still was a close call. If I hadn't been doing a routine portscan at just the right moment, we'd have never spotted it.
After that, the boss authorized me to begin a slow migration to Linux.
Karma Whoring for Fun and Profit.
I installed Storm on my computer and I've never been happier. Downloads are quicker, my mortgage has been refinanced, I made a fortune in the stock market, and my cock is 2 inches longer.
excellent botnet-er, would bot again++++!++!
So the world's largest networked super computer runs Windows. It is sad really, all these hundreds of millions of computers on the planet - half of them sending spam for the other half to filter out. One would think that there should be something slightly more useful for them to do.
Excuse me, but please get off my Pennisetum Clandestinum, eh!
I'd feel a lot safer if you could get selinux to work on Windows...
Yes, the router was still emailing me every log of all network traffic -- my traffic and the malware traffic also. Seems the malware author does not think my ability to log their traffic was significant.
Netgear was very helpful. Tier1 tech support said securing the router was my responsibility. Asshats!
Every man's island needs an ocean; choose your ocean carefully.
I'd feel a lot better if I could get SELinux to work on Linux..
It's a well-known fact that SELinux was developed to confound hackers. It is a less-known fact that the trick is to try to get them to install it.
I see your informative link, and raise you a pithy comment.
No, smart people who know plenty about security punish all of us and use the clueless as their weapons. Your statement is like blaming the bullet for a murder instead of the killer. Without a functioning mind building these botnets, it wouldn't matter to us how stupid the rest of humanity is.
Not really. There is a very simple reason why botnets are dominated (to pretty much 100%) by MS systems. Numbers. Most machines in home user hands simply are running on some kind of MS OS.
Yes, Linux and MacOS are more secure. It's harder to slip something into the system, at best you can run with user privileges, yes, yes.
Unless you trick the user. And that's pretty much the main infection vector today. About 95% of malware comes in the form of infected spam mails, only 5% of infections rely on system insecurities, buffer overflows or other system related security holes.
And when you can trick the user into executing something, it's trivial to trick him also into giving the malware elevated privileges, provided you promise him something. Send someone a "tool" that promises 20% more speed or ram, but since it has to hook deeply into the system, it will require root privileges.
Yes, you won't fall for it. But the average clueless user? After all, this thingamajig is gonna do something with your system to make it run faster, so it's kinda logic that it will need system privs.
No system is secure from malware. Security is by definition the minimum of a system's security capabilities and its administrator's security capability. BOTH need to be secure to create a secure system.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Keep up the smack talk and I'll rent part of the botnet to DDoS you, just for kicks. Hey, it's not like renting a few 1000 boxes for a few days was expensive!
That's how it affects you. Well, unless you can be blackmailed along the lines of "pay me X bucks or you go offline for Y days, let's see if your biz survives", it probably won't affect you, directly at least.
How about your employer? What would happen if his internet presence, his mailserver, his means to communicate online were rendered useless for a month? Would the company survive?
You see this is exactly why Windows is winning. Linux is still yet to provide a credible botnet to face off against the Windows botnet. There's just no comparison, Windows wins every time!
This is my footer. There are many like it, but this one is mine.
If you think you can do better than Fortune 100 support teams, you are sorely mistaken. They have all the time, money and employees they want to throw at this problem and still get their ass kicked. People trying to tweak non free software are working in the dark and will always be surprised. No matter how much they spend, they can never fix the problem.
The reason that the corporate world has issues with bots has far more to do with the corporate environment than it does with the security of the platforms involved. After all, any sufficiently secure platform can be made insecure by allowing the wrong morons to use it. On my home network, I can do things like block every single incoming port and disable pretty much all of the outgoing ones as well. I can install firewall software on each computer to scan the remaining ones. I can create my own install media to remove nearly any part of Windows which isn't related to the bare essentials, then install the best antispyware software and demand that anybody that uses the computers not click on links in email.
I'm sure there's more, but I would be surprised if I were allowed to do even that much if I were responsible for securing a corporate network.
Botnets and I cannot lie... :)
The sophistication of this Storm "application" is much more indicative of a mature elder programmer, who probably has read the complete cypherpunks archives. We talked about stuff like this long ago. Compare to things like the Morris worm, the two Manila children, etc. Those were intense, but brief due to coding errors and the like.
Bah. No, these people are not children and they do know what they're doing.
"Internet licenses" have been discussed ad nauseam, and the fact always arises that any such implementation would simply be elitist and exclusionary.
Basically, an internet license is a bunch of computer guys telling the rest of the world that the internet is an infrastructure made for the geeks, by the geeks, and of the geeks. If you really want to join the club you can take a test so we can determine if you're suitable, but otherwise, you're unfit to participate.
Look, you're not going to kill anyone being a bumbling participant on the internet, the way you might in a car or with a gun. Yes, it is possible that you unwittingly might cause some economic impact to someone, but is that a flaw of the user or the system? I submit a banking system that lets an ignorant user leak his personal information which can then be used to ruin their credit is broken. I further submit that a system that lets a zombie computer join thousands of other computers in a criminal enterprise is broken.
The problem doesn't just exist between the keyboard and chair, but also in the policies, protocols, and systems that allow a new or ignorant user to fail so spectacularly.
We should be striving to increase internet penetration to the young, the old, and the impoverished, not locking out those who can't understand our poorly built toys.