By Kelly Jackson Higgins
March 31, 2009
Big-name botnets like Kraken/Bobax, Srizbi, Rustock, the former Storm --
and even the possible botnet-in-waiting, Conficker -- have gained plenty
of notoriety, but it's the smaller and less conspicuous ones you can't
see that are doing the most damage in the enterprise.
These mini-botnets range in size from tens to thousands versus the
hundreds of thousands, or even millions, of bots that the biggest
botnets deploy. They are typically specialized and built to target an
organization or person, stealing corporate and personal information,
often without a trace. They don't attract the attention of the big
spamming botnets that cast a wide net and generate lots of traffic;
instead they strike quietly, under the radar.
"There's definitely specialization [in botnets] these days," says Joe
Stewart, senior director of malware research for SecureWorks. "There are
botnets designed for fraud, and they have been around for a while and
don't seem to cross over [with the bigger spamming botnets]," he says.
These mini-botnets specialize in identity theft, fraud, and stealing
corporate information, and are much more difficult to spot and
infiltrate than a big spamming botnet. "We have to rely on the few
anecdotal instances, where we've managed to get a look at the back-end,"