The botnet, a network of “hijacked” computers, is now a “standard tool” used by cyber-criminals to invade machines for attractive, sales-worthy data, according to a recent article published by BBC News. The article indicates that after the invader attacks its targets, it then uses them as “launch platforms for spam and phishing attacks, or to target websites with huge amounts of data.” Botnets have proven to be much harder to eliminate, and, as illustrated in the article, they are like “zombies” that do not know they are dead and “keep coming back again and again to cause even more trouble.”
The BBC reports in the article that some of the larger networks consist of “millions of machines,” and researchers’ studies and estimates suggest that “5% to 10% of all domestic computers are enrolled on these criminal networks.” The article indicates that a number of both small and large botnets – including those with names like Citadel, Kelihos and Cutwail – were “dismantled and disrupted” in 2013, which, to most industry experts, was a very “good thing.”
Prof Michel van Eeten of Delft University of Technology in the Netherlands, who specializes in the study of these networks and “how to manage them,” was quoted in the article as saying, “The problem of ‘undead’ botnets is well known. There are a variety of ways in which take-down efforts leave remnants behind that live on and can potentially be reactivated.” The article clarified that the malicious software that enrolled many users onto the “Conficker botnet” of 2008 still infects millions of machines to this day. Security researchers worry about these “zombie-like networks” and how they can be defeated for good.
Adrian Culley, a technical consultant at the security firm Damballa, was quoted in the article as saying, “Those zombie parts are often left flailing around. Even though the botnet has been taken down they do not know that, and they will constantly try to contact their maker.” The article went on to quote Culley as saying, “Targeting domains can be a good way to disrupt a botnet but the hard part is cleaning up those zombie machines and stopping it for good.”