During the summer

Sep 3, 2008 08:12 GMT  ·  By

Organizations that track the evolution of security threats report that, over the last three months, the size of botnets has increased about four times. “During the same time period, there isn't an appreciable increase in new malware, new viruses or anything that would obviously indicate why this is so. I imagine that the bad guys have gotten better [at] keeping machines owned, but there is one vector that we need to get much better about tracking and managing, and that's direct web-based malware,” says John Bambenek on behalf of the SANS Internet Storm Center website. The researcher believes that SQL injection attacks, which exploit vulnerabilities in the database layer of a program, are responsible for the growth of malicious networks.

ShadowServer, an organization that keeps track of the latest changes in global malware statistics, was the first to report on the surprising growth in the size of botnets. The fact that their size quadrupled over a period of 90 days, even though the amount of new malware did not grow at the same rate, could indeed point to the SQL injection theory. In such an attack, malicious code injected into strings or user-input variables is executed by the SQL server of the network, leaving it open to various attacks.

Hijackers have every reason to expand their botnets. The bigger the botnets are, the bigger the revenues they bring. Selling them to other attackers is always a profitable option, as demand for strong malicious networks is continuously increasing.

“Security experts estimate that 80 percent of the spam messages come from zombie computers, and it is sent either directly (by the botmaster) or indirectly (by the organizations who have rented the botnet for 'ad campaigns'). A single spammer with medium skills can get between $50,000 and $100,000 in revenue a year,” explained Bogdan Botezatu, communications expert at BitDefender, in reference to the financial possibilities offered by botnets.

Although no official statement has been made so far, many are of the opinion that the summer holidays, which kept children and teenagers (the most susceptible to falling victim to attackers) in front of their computers for longer periods of time, could explain the increase in the number of computers drawn into botnets.