Botnet Superhighway: 1 in 3 Infected PCs Is a Zombie Computer, Microsoft SIRv9

Data from Microsoft's Security Intelligence Report volume 9 delivers insight on the global botnet problem and the cybercriminals controlling networks of zombie computers. "Zombie are used for a variety of illegal activities online without users knowing their PC's controlled remotely by cybercriminal. Attackers can leverage botnets to send spam, for phishing attempts, Denial of Service […]

Data from Microsoft's Security Intelligence Report volume 9 delivers insight on the global botnet problem and the cybercriminals controlling networks of zombie computers. "Zombie are used for a variety of illegal activities online without users knowing their PC's controlled remotely by cybercriminal. Attackers can leverage botnets to send spam, for phishing attempts, Denial of Service (DoS, online fraud, sensitive data theft. In addition, botnets can be used as a distribution channel for new malicious code," revealed Ina Ragragio.

"That's where botnets come in. Win32/Waledac, one of the largest botnets, isn't only known as one of the most notorious spamming bots ever, it’s also known to download and install rogue antivirus software, such as Win32/FakeSpypro, on compromised PC," Ragragio added.

"Most bot families, including Win32/Alureon, Win32/Hamweq, and Win32/IRCbot, are capable of downloading and executing arbitrary files, which may be configured to be malware."

The following chart shows how many of the top botnets from 2Q10 are built to download and distribute other files:

[Source]