Fastest growing malware threat: bots

Bots are the fastest growing malware threat, with more than 10,000 new variants detected last year, security firm Panda Labs said Thursday.

The company reported a 175-percent jump in new bots in 2005, making them 20 percent of the total new malware detected.

Some existing anti-virus software is not built to detect botnets, Panda said. Users must instead implement behavior-inspection products, the firm said.

"The new focus of malware is leading to the professionalization of both the creation of malware and the search for financial returns," the company said. "For this reason, the number of variants developed in a family (of bots) could stretch into the thousands, a figure far too high for signature-based protection to cope with."

Herders are catching on to the destruction botnets can inflict on vulnerable systems, which includes blended attacks such as spam distribution and DoS launches, said Jon Oltsik, an analyst with Enterprise Strategy Group.

"As you start building botnets of hundreds of thousands of nodes, you have a lot of firepower behind that," he said. "There's a lot you can do when you have that much firepower. It's kind of like prostitution of the network."

Because bots are typically hidden and appear passive until unleashed by herders, users "have to be vigilant about protecting their systems," Oltsik said.

That includes home users listening for any unusual hard drive activity and larger operators monitoring network behavior for signs of bulk transfers, Oltsik said. He also recommended companies inform other enterprises of infected IP addresses they receive.

Either way, bot threats should continue to climb, experts said. "It's certainly a pretty hefty concern," Oltsik said.
