|
contents | technologies | |||||||
| More than 10,000 New Bots in 2005 Bots have emerged as the most prolific type of malicious code during 2005. According to data from PandaLabs, more than 10, 000 new samples have appeared during this year alone. Bots (or robots) are automated worms or Trojans that install themselves on computers, turning them into what is commonly known as a 'zombie' to automatically carry out actions such as sending spam. According to Luis Corrons, "Viral activity on the Internet is, at present, exceptionally high, although the principal danger is no longer fast spreading email worms, but unknown malicious code that can be used for stealing confidential data as part of online fraud routines. The creators of malicious code now concentrate their efforts on obtaining financial returns, which explains the enormous proliferation of bots, a type of malware highly suited to this purpose. Evidently, a wide-scale epidemic that attracts the interest of users and the media is not in their interests, as the aim is to ensure their creations infiltrate computers without people knowing so that they can operate maliciously for a long as possible. Most of the 10, 000 new bots that we have detected in 2005 were rooted out thanks to TruPrevent(TM) Technologies, which can determine the presence of malicious code with no need for updates." Many bots are designed to receive and execute remote attack orders. For this reason they can take a wide range of actions depending on the requirements of their creator: attacks on other computers, downloading malicious code onto the computer, etc. In general, the aim of the creators of bots is not to infect a single computer but to create a network of computers infected with a specific bot. This can generate considerable profits. For example, spyware installed on numerous computers would return a host of data that can then be sold to unscrupulous marketing companies for considerable sums of money. There are several ways to install bots on systems, including exploiting browser vulnerabilities that allow automatic download and execution of files when visiting a web page. The distribution method is the most dangerous aspect of bots, as many unknown specimens are installed on numerous computers the world over, with both users and security companies unaware of their existence. Given that traditional antiviruses can only tackle previously identified threats, they are unable to deal with unknown bots. Proactive technologies that can establish the presence of unknown malicious code on the system are needed to combat the threat. For example, since August 2004, TruPrevent proactive detection technologies from Panda Software have detected more than 23, 000 unknown malicious codes, including thousand of bots. "Proactive technologies have ceased to be simply an option and are now a genuine necessity. Those who don't have them, given the present Internet situation, are running a serious risk and will always be one step behind virus creators who look to exploit those computers that don't have this type of protection. The question is not to replace current antivirus technologies -- which are the most effective answer to known threats -- but to provide an extra layer of protection to reduce the chance of either known or unknown malicious code entering the computer to a minimum, " explains Corrons. write your comments about the article :: © 2005 Networking News :: home page |