"Bots" Fastest Growing Malware Threat

Malware menace now "significant focus" for tech support services, identity management firms and law enforcement.

Predicting that bots will be the fastest growing malware threat of the year, Sana Security issued a security warning to Internet users about the increasing danger posed by malicious Web robots, or simply "bots," and about the increasing use of a new, stealthy variant based on peer-to-peer technology that makes them even harder to detect and remove. Already surpassing the 413 percent growth rate seen for rootkits last year, the bot problem, in Sana's view, will far exceed this, and has already become a significant area of focus for online tech support services, credit monitoring companies, and many other organizations serving consumers.

While such malicious bots have posed a threat for many years, recent developments are now causing those responsible for dealing with them to express much greater concern than before. First, bot makers are now employing peer-to-peer technologies to enable bots to communicate amongst themselves and with the botmaster controlling them, making them "invisible" on the network and making bot networks much more difficult to track down and dismantle.

Also, rootkit and stealth technologies such as polymorphism are being used more frequently to hide infections and frustrate removal. Second, due to the boom in the number of people conducting commerce on the Internet, bots are engaging in more sinister and profit-oriented kinds of exploits, including identity theft, distributed denial of service attacks, password and username theft, click fraud, "phishing," key logging, generating spam e-mail and even spreading other malware.

"Data collected by Sana shows that bots now represent 43 percent of all the malware we are observing in the wild, and we are confident that the growth in bots this year will far surpass the 413 percent growth rate for rootkits last year," said Don Listwin, CEO for Sana Security. "Most of the growth statistics out there fail to account for the rapid increase in the use of stealthy technologies such as P2P communications that hide these bots from the network detection methods used to compile these statistics, and these new bots are literally flying in under the radar."

Most recently, the FBI and the U.S. Department of Justice announced they had identified more than 1 million botnet crime victims in the U.S. as part of Operation Bot Roast, an ongoing and coordinated initiative to disrupt and dismantle these botnets. Operation Bot Roast was launched because the national security implications of the growing botnet threat are broad. "The majority of the victims are not even aware that their computers have been compromised or their personal information exploited," said FBI assistant director James Finch, who heads the FBI's Cyber Division.

The U.S. Department of Homeland Security, in a recent document, calls bots and bot networks "one of the rising problems in today's networks," and says they can be found on all networks, including government and military, academic and corporate enterprise systems. According to the DHS, most malicious bots are not designed to act alone, but rather as a member of a bot network, or "botnet," and while some botnets have been seen with thousands of members, even a few hundred bots in a channel can cause significant damage. Bots are almost always placed on the victim's computer without the knowledge of the computer's owner, and remain silent until given commands, but some may "report for duty" with a word, phrase, or even a dot or period in a command channel.

An Issue for Tech Support Service Providers

Most computer users are not even aware that their systems have been compromised by bots, reports YourTechOnline. Usually it is only when the customer begins to notice that the performance of their system has degraded somewhat that someone is called in to fix it. Only then do they find the customer's computer has become a "zombie" that has started working mindlessly for someone else.

An increasing number of these zombie computers have been enlisted as spam relays, and many customers say their Internet service provider has locked their account until they get their computers cleaned up. Other customers' computers have been used by their botmasters to participate in distributed denial of service (DDoS) attacks.

"Users probably don't realize that by allowing their computers to become part of a DDoS attack, they may be committing a federal offence, and it's the responsibility of all computer users to verify that their computer has not become hijacked by this kind of malware," said Dhugael McLean, chief technology officer for YourTechOnline. "It's a shame, but many people mistakenly think they have to resort to reformatting their hard disk and thus losing all their important data to rid themselves of this malware, when a call to YourTechOnline can solve their problem in less than an hour with no loss of data."

An Issue for Identity Management Solution Providers

As many as 9 million Americans each year have been victimized by some form of identity theft or fraud, which translates into billions of dollars in costs and unforeseen hours to resolve the problem. Last year, according to the Federal Trade Commission, direct out-of-pocket losses to consumers resulting from identity theft totaled $5 billion, and as many as one in every eight adults has been victimized by identity thieves in the past five years.

"Historically, companies in our industry have been reactive, looking for signs of identity theft after it has already occurred. In order to prevent identity theft, you need to stop the thieves before they access your personal information," said Tim Walston, vice president, Consumer Direct at Intersections Inc. "We think there's a Web 'tsunami' building as many more consumers go online to shop, bank, entertain, and store their personal data. That's where the fish are, and that's where the thieves will go fishing."

According to Walston, consumers face danger from bots because bots can steal user names and passwords used to access financial and other Web sites, as well as other personal information stored on their computers, and send this information back to the botmaster.

Intersections points to a disturbing trend in Web usage as more and more young people participate in various social networking sites, typified by MySpace, where they publicly share their personal details online.