Botnet threat growing at ‘alarming rate’

The trend of hackers and cybercriminals using botnets to conduct large-scale denial-of-service attacks increased at an "alarming rate" during the second half of last year, new research has revealed.

The 2005 Semi-Annual Web Security Trends Report issued by Websense Security Labs, reported that these types of attacks, which can use hundreds of thousands of computers infected with unauthorized software agents, constituted one of the fastest-growing IT security risks of the last 12 months.

In addition, the study reported that the number of cyberextortion attacks - in which money is requested from users to fix a problem created by the cybe-criminal – is also rising rapidly.

The motives for creating malicious websites were found to be moving away from annoyances, such as changing default homepages, to increasingly malicious purposes, such as changing browser address bars to redirect users to fake banking, commerce and other sites.

Also according to the report, browser and operating system vulnerabilities were exploited more frequently by spyware, crimeware, phishing and keylogger installations.

In addition, the research noted that there was a shift towards profiting from current events, in particular, donation scams for natural disasters. Prime examples were sites purporting to collect donations for tsunami or Hurricane Katrina victims.

Phishing attacks were found to have continued to target and exploit non-financial organizations as well as banks.

According to the Websense data, spear phishing - attacks that use stolen inside information to convince victims that the messages are legitimate - was on the rise as a technique used to dupe increasingly sophisticated consumers into taking the lure.

The most significant vulnerabilities that are highlighted by the study include the Nov. 16, 2005, discovery of websites hosting code attacking the vulnerability in the Sony BMG Music Entertainment copy protection uninstall program. The code on these websites allowed hackers to obtain remote access into users' machines simply by visiting a website.

Also highlighted was the Dec. 2, 2005, discovery of exploits that were using a zero-day Internet Explorer vulnerability. The Windows object exploit allowed successful downloading and launching of malicious code without user-intervention.

The report also noteed the seriousness of the Dec. 14, 2005, discovery of the Microsoft Windows metafile vulnerability and an associated active exploit. The exploit enabled attackers to download and launch additional software on vulnerable Windows clients, including keyloggers, crimeware, bots and trojan horse malicious code.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.