World's Top and Scariest Botnets
Imagine your computer being used to mount an attack on some foreign entity that you are neither concerned with nor know about. Yes, your computer can be used as part of a botnet by cyber criminals sitting in some distant Eastern European country and launching massive attacks against an American website. However, this is only possible if your computer is infected with malware that receives command and control information from a remote server. If that is the case, your machine is a ‘zombie’ in a botnet, the greatest and scariest attack on the internet. Botnets sometimes swell to massive numbers before they are even detected. And even if one botnet survives, it can start another wave of attacks.
For those who do not know, a “zombie” is a machine that has been infected with a certain type of remotely controlled malware. The idea that we get from movies about zombies is an entity that has been stripped of its usual motivations and that is now behaving in unusual and not-especially-desirable ways. In this case it could be, for example, a computer spewing spam, silently clicking ads, or stealing financial or personally identifiable information. And just like in the movies, such zombie machines can be very difficult to terminate.
We at Techworm are rounding up a list of the top 5 most prevalent and frightening zombie botnets.
This is the oldest among all the attacks in our list. The authors of this attack used tactics that would later be used by other authors. It was a huge attack too, infecting around 10 million Windows computers at its peak. Storm was probably the first attack of such magnitude that was used for financial gain by cyber criminals. The creators split up their massive botnet and managed to sell it off as well. Since this attack was so lucrative, the authors designed the bots to fight off security researchers and AV engines. If anyone even tried to find out about them, the authors would channel the zombies onto them until their machines were forced offline.
Another old and vast botnet attack. Again, Conficker targeted only Windows computers. This attack was on such an immense scale that the Conficker Working Group had to be formed with the sole agenda of tackling this botnet. At its peak, Conficker was reported to have infected a massive 15 million Windows machines worldwide. That’s more than the entire population of a few countries. The Conficker Working Group had great success in mitigating this attack, but even today approximately a million machines are still believed to be infected and a few Conficker variants are still being found in the wild.
Zeus has been one persistent zombie, giving headaches to security companies. Although Windows machines were its primary target, it had versions that targeted other operating systems as well. Zeus was taken down by the US Marshals working alongside their partners in 2012. But, being as persistent as described above, the authors took pieces of the program and brought it back from the dead as Gameover Zeus, which needed the FBI to take it down. This is still not the end of the story: news is coming in that the authors of this attack are rebuilding their network, so we may see another variant in the near future.
All the attacks mentioned so far have targeted Windows machines primarily. There has been a long-standing belief that MacOS was beyond the reach of malware. Flashback was a hard fall back to reality for Mac users. This attack specifically targeted Mac machines with the primary aim of generating revenue through ad clicks. It did not affect a huge number of machines given the limited reach of Macs, but if you only consider Mac machines, then the percentage of attacks on Macs is pretty high. The attack has been abandoned because the attackers couldn’t get past anti-fraud systems. However, there are still plenty of infected machines, so you never know when another attack may emerge.
On the surface, this attack doesn’t seem massive enough to be included on this list. But the authors of this attack seem to take the slow and steady approach. They are amassing their army of infected machines slowly, thereby remaining undetected for quite some time. And instead of Windows machines, this attack targeted Linux machines, mostly servers. With the recent rise of open source languages for creating websites, Linux-based servers now host websites that cater to millions of users daily, so one can guess the sheer number of people at risk. The authors didn’t stop there, going on to attack a variety of systems, even the iPhone.
The one thing to learn from this: no machine is safe. Apple used to boast about the fact that MacBooks never got infected by malware. Check their recent ads and you will not find this claim anywhere. Every system with a sizeable user base is being targeted, though the motto of the attackers is ‘the more the better’.
The only way to stay safe is to maintain security hygiene, practice safe browsing habits and keep your machine sanitized.