[Year 12 IT Apps] Botnets, rootkits, spam - some fascinating figures for U4O2

Mark Kelly kel at mckinnonsc.vic.edu.au
Wed May 6 10:20:44 EST 2009


Useful for U4O2...

http://www.wired.com/threatlevel/2009/05/botnets-took-control-of-12-million-new-ips-this-year/

Botnet criminals have taken control of almost 12 million new IP 
addresses since January.

Researchers attribute the explosion to botnet controllers trying to 
recoup spamming abilities after authorities took down a hosting facility 
last year that catered to international firms and syndicates involved in 
spamming and botnet control.

Researchers estimated that spam levels dropped about 60 percent after 
the hosting facility was closed. Last year at this time, an average of 
153 billion spam messages were sent per day, while numbers in March this 
year show that the rate was on average about 100 billion messages per day.


Threat Level Privacy, Crime and Security Online
Botnets Took Control of 12 Million New IPs this Year

     * By Kim Zetter Email Author
     * May 5, 2009  |
     * 1:39 pm  |
     * Categories: Crime

shadowy-computerBotnet criminals have taken control of almost 12 million 
new IP addresses since January, according to a quarterly report (.pdf) 
from anti-virus firm, McAfee. The United States has the largest number 
of botnet-controlled machines, with 18 percent of them based here.

The number of zombie machines represents a 50-percent rise over last year.

Researchers attribute the explosion to botnet controllers trying to 
recoup spamming abilities after authorities took down a hosting facility 
last year that catered to international firms and syndicates involved in 
spamming and botnet control.

Researchers estimated that spam levels dropped about 60 percent after 
the hosting facility was closed. Last year at this time, an average of 
153 billion spam messages were sent per day, while numbers in March this 
year show that the rate was on average about 100 billion messages per 
day. But researchers say the spam numbers will return to normal as 
criminals re-build their networks of captured computers.

In terms of the numbers of zombie machines by country, China came in 
second after the United States, with about 13 percent. After this, the 
numbers dropped precipitously to 6 percent in Australia.

70 gigabytes of data being stolen from computers remotely-controlled by 
[one] botnet, including financial data. The harvested data included 1.2 
million Windows passwords and 1.2 million e-mail items, such as e-mail 
addresses and log-in credentials.

“In ten days, Torpig obtained the credentials of 8,310 accounts at 410 
different [financial] institutions...

[The botnet's] malware attacks e-mail clients and other applications to 
record every keystroke entered by a victim, including passwords before 
they’re encrypted. The purloined data is uploaded every 20 minutes in 
bundles sent to the botnet’s controllers.

The botnet is controlled by the Mebroot rootkit, which “takes control of 
a machine by replacing the system’s Master Boot Record (MBR),” the 
researchers write. “This allows Mebroot to be executed at boot time, 
before the operating system is loaded, and to remain undetected by most 
anti-virus tools.”

Scary stuff!

-- 
Mark Kelly
Manager - Information Systems
McKinnon Secondary College
McKinnon Rd McKinnon 3204, Victoria, Australia
Direct line / Voicemail: 8520 9085
School Phone +613 8520 9000
School Fax +613 9578 9253
kel at mckinnonsc.vic.edu.au

Webmaster - http://www.mckinnonsc.vic.edu.au
IT Lecture notes: http://vceit.com
Moderator: IT Applications Mailing List

RealMenDon'tNeedSpacebars.



More information about the itapps mailing list