Zombie networks and cyber wars
Link: Zombie networks and cyber wars
The HoneyNet Project has reported that massive networks of zombie computers are being used for identity theft, installation of spyware - and for attacking each other.
The findings are published in the paper KYE: Tracking Botnets, which summarises the findings of German research into 100 different bot nets, which found that some networks comrpised of more than 50,000 individual machines.
The key motivation in establishing zombie networks is financial, with the spread of malware - spyware, adware, and trojan keylogging software - all specific aims.
However, astonishingly, the researchers also found bot nets involved in cyber wars - which can involve different bot nets attacking one another via Distributed Denial of Service attacks (DDoS) - as different criminal gangs attempt to disrupt competitors.
Interestly, it was also revealed that bot nets could be involved in Google AdSense fraud, with such networks being used to provide a wide range of IPs from which to provide automated clicks on their own AdSense programs, delivering increased revenues.
In the more concise article at CNET, Zombie PCs being sent to steal IDs, some of the more bizarre methods, and future developments, of bot nets were revealed:
In one case, bot software detected whether the game “Diablo II” was installed on the host PC. If the game was present, the program would steal items from the player’s characters and drop them at preplanned places in the online game world. The bot net’s controller would then collect the items and sell them on auction site eBay, Holz said.
Future bot nets will likely move to peer-to-peer communications, which are harder to intercept and shut down. Moreover, there is a trend toward smaller numbers of bots in each network–a measure that makes the collection of compromised computers that much harder to detect, he said. While a network of 3,000 to 8,000 computers is harder to detect than one of 20,000, it can be as damaging.
[…] In the meantime, it is unlikely to remain an isolated case - Platinax News reported last year about the use of botnets for PPC fraud - so expect to see further botnets for PPC clickfraud to be revealed. […]
Pingback by Platinax News » PPC clickfraud botnet found — May 21, 2006 @ 1:34 pm