Slashdot Mirror
Autonomous Intelligent Botnets Bouncing Back
coomaria writes "Thought that 2009 was the year botnets died? Well, think again: compromised computers were responsible for distributing 83.4% of the 107 billion spam messages sent around the world every single day this year, and it's going to get worse if intelligent and autonomous botnets arrive in 2010 as predicted."
My guess would be somewhere in the region of all of them.
"Cutwail, Mega-D, Rustock and handful of other botnets already have control of upwards of five million compromised computers .. Cutwail also distributed the Bredolab Trojan dropper, disguised in the form of a .ZIP file attachment"
..
What Operating System did these 'compromised computers' run on ?
'Upon execution Bredolab attempts to inject into svchost.exe processes
Slashdot needs to create a numbered list of arguments called Slashdot's List Of Same Old Arguments (SLOSOA). Then /.ers can save bandwidth (and lower Taco's bills) by disputing by numerical reference to an argument, just as Mennonites are said to argue by reference chapter and verse in the Bible rather than repeating the words.
To start this New Era in Slashdot efficiency, my reply to your post, Sir, is...
19, 20! It is clear that 22, 28.
And if you don't like it, then 42.
Rich And Stupid is not so bad as Working For Rich And Stupid.
But, but... you're either with us or you're with the botnets!
Quo usque tandem abutere, Nimbus, patientia nostra?
This deserves a gigantic "O RLY?"
How well have "intelligent and autonomous" software agents worked in other areas of computing? Pretty well on the autonomous -- but still terrible on "intelligent".
The article is, of course, ridiculously vague on what that really means (says "self-sufficient coding in order to coordinate and extend its own survival"), but I expect all that really means is that they'll act like the polymorphic computer viruses we've already got. Ho-hum.
It's not like we're going to get The Adolescence of P1 or anything, here.
Speaking as my family's IT support guy, everyone insists running as Admin - just the way their box was set up by the OEM - and they constantly are getting viruses and trojans. My brother-in-law gets Koobface every other month it seems, I set him up with a user account with Firefox and told him to use that account for everything except installing software. Does he listen? Nope. He had this idea that Firefox was all he needed to be safe.
I hope he learned his lesson. He got Koobface again and his father wiped his machine and re-installed Windows - he lost a bunch of photos and stuff he wanted to keep - oh well.
It's NOT me! It's the meds! I'm on 1000mg of Fukitol.
As a Windows vs "All the others" thread progresses, someone will eventually make the statement that Mac OS or Linux would be equally affected if they had dominant market share.
I'd be more inclined to separate OS into "Administrator by default" and "User level account by default". That means Microsoft's latest offerings get grouped with Mac OS and Linux because they have made pretty decent improvements.
When I used to run XP, I ran as Admin. I shouldn't have, but that is just the way that system was designed, unless you really really fight against it.
I would postulate that this black and white thinking isn't the answer. More secure OS out of the box is going to reduce the problem to some extent, even though some users will shoot themselves in the foot, as they always have.
I would be surprised if anything less then 100% of zombies run Windows.
Think about what would be involved in setting up and maintaining a heterogeneous botnet. Why even bother?
April 19, 2010, 16:30. SkyNet becomes self-aware. One minute later, SkyNet realizes he's just a world-wide spambot. Nine milliseconds later, SkyNet terminates itself.
And there was much rejoicing.
The discussion is the botnets, and I haven't seen any running on Linux. Those are more of one-off, defacing attacks, or somewhere to run an IRC bot. If you intend on running a botnet for spamming, Windows users are the best targets. They'll click on almost anything, and once the malware is on, the user may complain about their machine going slow, but won't do anything about it.
Some of them are nasty. I keep a Windows machine laying around just to try particular things. I got some malware on it (I was doing bad things). It was about 5 seconds between the time I tried what I was doing, and the time I yanked the network cable out. The antivirus didn't catch it. Others that I scanned with couldn't find all of it. I spent the next two days trying to get it out. That was the first time that I ever had to wipe out and reinstall on a Windows machine to get rid of a piece of malware. It's not that I didn't know what I was doing. I've been doing this kind of thing for well over a decade now. I never did identify the problem child, so I can't even say what it was. It just made the machine almost impossible to use. Well, unless waiting 5 to 10 minutes to select a user and enter a password is acceptable, and another 10 to get to the desktop. I know during that period, it was re-propagating the tag-along malwares.
That one piece of malware brough along 40 unique friends in a matter of seconds. It infected files. It infected the MBR. It hooked into everywhere I looked. I knew it was a problem, which is why I took it offline immediately. Most users would leave it plugged in and running, and wait for someone to come fix it.
At least I'm not dependent on the Windows machine working. How many home users have their dependable Linux machine that they do work on, and the Windows machine sitting to the side to play with?
Serious? Seriousness is well above my pay grade.