Attack Of The Mini-Botnets

By Kelly Jackson Higgins
March 31, 2009

Big-name botnets like Kraken/Bobax, Srizbi, Rustock, the former Storm -- 
and even the possible botnet-in-waiting, Conficker -- have gained plenty 
of notoriety, but it's the smaller and less conspicuous ones you can't 
see that are doing the most damage in the enterprise.

These mini-botnets range in size from tens to thousands of bots, versus
the hundreds of thousands, or even millions, that the biggest botnets
deploy. They are typically specialized and built to target an
organization or person, stealing corporate and personal information,
often without a trace. They don't attract the attention that the big
spamming botnets do by casting a wide net and generating lots of
traffic; instead they strike quietly, under the radar.

"There's definitely specialization [in botnets] these days," says Joe 
Stewart, senior director of malware research for SecureWorks. "There are 
botnets designed for fraud, and they have been around for a while and 
don't seem to cross over [with the bigger spamming botnets]," he says.

These mini-botnets specialize in identity theft, fraud, and stealing 
corporate information, and are much more difficult to spot and 
infiltrate than a big spamming botnet. "We have to rely on the few 
anecdotal instances, where we've managed to get a look at the back-end," 
Stewart says.


