Botnet 'Weather Report' Shows Power Of Botnets

The Weather Report 2009 explains how botnets are identified and tracked and examines their technical architecture

February 11, 2010


Latest Botnet Weather Report from Prolexic details how:

* Criminals and political states alike sponsor the development of cyber warfare capabilities
* Botnets are deployed in increasingly varied activities
* Sponsors of online crime remain elusive

The global leader in Distributed Denial of Service (DDoS) mitigation services, Prolexic Technologies, today announces its latest study of the evolution of botnets. The Weather Report 2009 - incorporating a Botnet Activity Update and White Paper - explains how botnets are identified and tracked and examines their technical architecture, multiple deployments and the hierarchy of an attack.

Compromised PCs, or bots, are the weapons used to launch wide-ranging attacks, from DDoS to clandestine intelligence-gathering operations. Prolexic is currently tracking about 4300 command and control servers (C&Cs), which manipulate millions of bots. Bot-herders often have multiple C&Cs as well as knowledge of the IP addresses of the captured zombie hosts. Hence the bot-herders are able to reach out to previously infected bots, sometimes sparking botnet takeover battles with other bot-herders.

The Weather Report reveals how cyber criminals have created new capabilities to support increasingly sophisticated, organized attacks such as Data and Identity Theft (Torpig), Government Cyber Espionage (Ghostnet), and even RansomWare (Hexzone). Still, the largest and most damaging botnets continue to be dedicated to DDoS attacks. Prolexic's report notes that state-sponsored, advanced offensive cyber warfare capabilities are led by the USA, Israel and China, with the UK unofficially admitting to having an offensive capability.

Paul Sop, CTO at Prolexic, says: "Discovering the motive behind an attack is important in tracking down the perpetrators. At present attacks are relatively untraceable - they can be launched from any location and the bot-herders work as anonymous mercenaries. The sponsors feel they have much to gain and little to risk, and from this tower of immunity they will continue to sponsor increasingly sophisticated ways to herd and deploy botnets."

About Prolexic Technologies

Founded in 2003 and based in Hollywood, FL, USA, Prolexic Technologies provides global, leading-edge services that protect Internet businesses from the debilitating service disruptions that can be caused by DDoS attacks. Prolexic's customers can rest assured that their network borders are secure, allowing them to focus on their businesses.
