Two million US PCs recruited to botnets

The US leads the world in numbers of Windows PCs that are part of botnets, reveals a report.

More than 2.2 million US PCs were found to be part of botnets, networks of hijacked home computers, in the first six months of 2010, it said.

Compiled by Microsoft, the research revealed that Brazil had the second highest level of infections at 550,000.

Infections were highest in South Korea where 14.6 out of every 1000 machines were found to be enrolled in botnets.

The 240-page Microsoft report took an in-depth look at botnets which, said Cliff Evans, head of security and identity at Microsoft UK, now sat at the centre of many cybercrime operations.

The research was undertaken, he said, to alert people to the growing danger from the malicious networks.

Malicious herder

"Most people have this idea of a virus and how it used to announce itself," he said. "Few people know about botnets."

Hi-tech criminals use botnets to send out spam, phishing e-mails and launch attacks on websites. Owners of botnets also scour infected machines for information that can be sold on the underground auction sites and markets found online.

Botnets start when a virus infects a computer, either through spam or an infected web page. The virus puts the Windows machine under the control of a botnet herder.

"Once they have control of the machine they have the potential to put any kind of malicious code on there," said Mr Evans. "It becomes a distributed computing resource they then sell on to others."

Some, he said, were being worked very hard by their owners.

Microsoft's research revealed that a botnet called Lethic sent out 56% of all botnet spam sent between March and June even though it was only on 8.3% of all known botnet IP addresses.

"It's phenomenal the amount of grip that thing has," said Mr Evans.

Evidence of how botnets were growing, he said, could be found in the number of infected machines Microsoft was freeing from the clutches of botnets.

In the three months between April and June 2010, Microsoft cleaned up more than 6.5 million infections, he said, which is twice as much as the same period in 2009.

The statistics in the report were gathered from the 600 million machines that are enrolled in Microsoft's various update services or use its Essentials and Defender security packages.

Despite the large number of people being caught out, Mr Evans said that defending against malware was straightforward.

He said people should sign up for automatic updates, make sure the applications they use are regularly patched, use anti-virus software and run a firewall.

Microsoft has just issued its largest ever list of fixes for flaws in Windows, Internet Explorer and a range of other software.

This month's update issued patches for 49 vulnerabilities, including one that plugs a hole exploited by Stuxnet, the first-known worm designed to target real-world infrastructure such as power stations, water plants and industrial units.

"With the significant number of holes identified on the same day, businesses will be racing against time to fix them all," said Alan Bentley, senior vice president at security firm Lumension.

"Not only is this Microsoft's largest patch load on record, but 23 of the vulnerabilities are rated at the most severe level," he added.

BBC © 2014