Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!


Identity theft caused by Bot nets increasing

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

March 15, 2005

According to a Honeynet Project report, Bot nets (collections of compromised computers controlled by a single person or group) have become more popular and increasingly focused on identity theft and installing spyware programs.

The report, released on Monday, summarizes the findings of researchers who have tapped into more than 100 different bot nets since last summer. Some of the networks were made up of more than 50,000 computers, said the Honeynet Project, a security group that sets up heavily monitored systems, or honeypots, and allows them to be attacked.

While many of the networks had been used to hit other bot nets with denial-of-service attacks, others had been used to gather sensitive identity information and install adware and spyware, a practice that is increasing, said Thorsten Holz, a computer science research student at RWTH Aachen University of Technology in Germany and one of the primary authors of the paper.

Get the best Linux or Windows Web hosting plan for your website.
Get the lowest rate and the best tech support on any Linux or Windows hosting plan. Learn more by clicking here.

"Our research shows that some attackers are highly skilled and organized, potentially belonging to some well-organized crime structures," Holz, a member of the Honeynet Project, wrote in the paper. "Even in unskilled hands, it should be obvious that bot nets are a loaded and powerful weapon."

Over the past year, security experts have become increasingly wary of bot nets. Once used mainly by online vandals to attack each other, the large networks of compromised computers are now a tool for groups of criminals bent on making money through identity fraud or adware installation. A person whose computer is infected with bot software runs the risk of having sensitive information such as account passwords and credit card numbers sent to the controller of the network.

A bot-net onslaught is believed to have caused an outage at Internet service provider Akamai Technologies last summer.

At least a million computers worldwide are unwitting hosts to bot software, Honeynet researchers calculate--but that's a conservative estimate, Holz wrote in the report. A typical bot could be connected to 10,000 other computers, use the old-school Internet chat system--known as IRC--for command and control, and have a plug-in architecture that allows new features to be quickly added, he noted.

The report also describes how the researchers monitored the bots and intercepted communications. The Honeynet Project plans to release the software programs it developed to the community at large.

Some interesting applications of the malicious networks have been noticed by researchers, Holz said in an interview. In one case, bot software detected whether the game "Diablo II" was installed on the host PC. If the game was present, the program would steal items from the player's characters and drop them at preplanned places in the online game world. The bot net's controller would then collect the items and sell them on auction site eBay, Holz said.

Here's the opportunity you were waiting to register your domain name!
Register any .com, .net or .org domain name for just $5.99 for a whole year. Learn more by clicking here.

"It was pretty clever and hard to detect," he said.

Future bot nets will likely move to peer-to-peer communications, which are harder to intercept and shut down, Holz said. Moreover, there is a trend toward smaller numbers of bots in each network--a measure that makes the collection of compromised computers that much harder to detect, he said. While a network of 3,000 to 8,000 computers is harder to detect than one of 20,000, it can be as damaging, he added.

"Even those small bot nets can cause much harm, especially if the compromised machines have good Internet connectivity or are located within interesting places," Holz said.

Source: C-Net News


Save Internet Security.ca's URL to the list of your favorite web sites in your Web browser by clicking here.

Become an authorized reseller of Proxy Sentinel™ and Firewall Sentinel™. Do like the rest of our authorized resellers and have your clients benefit the important security features of our products and solutions, while increasing your sales at the same time. Click here for all the details.


You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca 2003    Terms of use    Privacy agreement    Legal disclaimer