Bots have emerged as the most prolific type of malicious code during 2005, according to new research. Data published today by PandaLabs reveals that more than 10,000 new samples of automated worms or trojans were detected during this year alone, leading to a sharp rise in the number of zombie botnets used by cyber criminals.
According to the study, viral activity on the internet is currently exceptionally high, although the principal danger is no longer fast-spreading email worms, but unknown malicious code that can be used for stealing confidential data as part of online fraud scams.
"The creators of malicious code now concentrate their efforts on obtaining financial returns, which explains the enormous proliferation of bots, a type of malware highly suited to this purpose. Evidently, a wide-scale epidemic that attracts the interest of users and the media is not in their interests, as the aim is to ensure their creations infiltrate computers without people knowing so that they can operate maliciously for as long as possible," warned Luis Corrons, director of PandaLabs.
Corrons added that many of the newly detected bots are designed to receive and execute remote attack orders. For this reason, they can take a wide range of actions depending on the requirements of their creator, including attacks on other computers and downloading malicious code. In general, the aim of the creators of bots is not to infect a single computer but to create a network of computers infected with a specific bot.
This can generate considerable profits. For example, spyware installed on numerous computers would return a host of data that can then be sold to unscrupulous marketing companies for considerable sums of money.
The PandaLabs report noted that there are several ways to install bots on systems, including exploiting browser vulnerabilities that allow automatic download and execution of files when visiting a web page. The distribution method is described by the study as "the most dangerous aspect of bots," as many unknown specimens are installed on numerous computers the world over, with both users and security companies unaware of their existence.