Slashdot Mirror


Top Botnets Control Some 1 Million Hijacked Computers

Puskas writes "Joe Stewart is the director of malware research at SecureWorks, and presented a dire view of the current botnet landscape at the RSA conference this week. He conducted a survey of the top spamming 'nets, extrapolating their size from the volume of emails that flow across the internet. By his calculations, the top 11 networks control just over a million machines, hitting inboxes with some 100 billion messages a day. 'The botnet at the top of the chart is Srizbi. According to Stewart, this botnet — which also goes by the names "Cbeplay" and "Exchanger" — has an estimated 315,000 bots and can blast out 60 billion messages a day. While it may not have gotten the publicity that Storm has during the last year, it's built around a much more substantial collection of hijacked computers, said Stewart. In comparison, Storm's botnet counts just 85,000 machines, only 35,000 of which are set up to send spam. Storm, in fact, is No. 5 on Stewart's list.'"

5 of 250 comments

  1. How do I tell...? by AdamTrace · · Score: 4, Interesting

    I'm a smart software developer, so I'm pretty sure my computer is not affected (secured hardware firewall, etc). But how can I be sure?

    I don't necessarily trust that a clean-virus scan means a whole lot.

    What's the best way to make this determination?

  2. Why don't the ISPs do something? by pembo13 · · Score: 4, Interesting

    They obviously don't have a problem with tracking down and monitoring people. And they apparently have a bandwidth issue. Why don't they basically mail merge to SELECT * FROM `customers` WHERE `customers`.isinfected? Simple, cheap snail mail... nothing fancy.

    --
    "Thanks for all the money you paid to us. We've used it to buy off ISO among other things" -Microsoft
  3. My wife's notebook is one of them by should_be_linear · · Score: 4, Interesting

    God knows I installed on that notebook each and every Anti-Spyware, Antivirus, Anti-everything in order to get rid of it. I traveled each and every "advisory" site with my HijackThis logs, removed numerous keys from the registry. Still, every now and then a goddamn popup window with the site "pc-on-internet.com" appears. I spent altogether perhaps 3 working days trying to remove the stupid thing; there is a lot of data and SW installed so I am trying to avoid re-installation. Now I am in the sitting-in-the-corner-and-crying phase.

    --
    839*929
  4. Re:Just a thought... by Umuri · · Score: 3, Interesting

    Most infections actually patch and update machines they infect. Once they get in they seal the door behind them, as well as try to remove any competing infections already on the machine. That way they don't get their zombie stolen from them.

    --
    You never realize how much manually made unmanaged "linked" lists suck, till you have src.link.link.link.link...
  5. Re:Let's see some truthful tagging by Beardo the Bearded · · Score: 3, Interesting

    Third time posting this link in this thread:

    Compromised Linux machines are an integral part of the botnet.

    No technology can replace determined stupidity... or just plain arrogance.

    But... you are INVINCIBLE!, right?

    --

    ---
    ECHELON is a government program to find words like bomb, jihad, plutonium, assassinate, and anarchy.