http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=216402026 By Kelly Jackson Higgins DarkReading March 31, 2009 Big-name botnets like Kraken/Bobax, Srizbi, Rustock, the former Storm -- and even the possible botnet-in-waiting, Conficker -- have gained plenty of notoriety, but it's the smaller and less conspicuous ones you can't see that are doing the most damage in the enterprise. These mini-botnets range in size from tensto thousands versus the hundreds of thousands, or even millions, of bots that the biggest botnets deploy. They are typically specialized and built to target an organization or person, stealing corporate and personal information, often without a trace. They don't attract the attention of the big spamming botnets that cast a wide net and generate lots of traffic; instead they strike quietly, under the radar. "There's definitely specialization [in botnets] these days," says Joe Stewart, senior director of malware research for SecureWorks. "There are botnets designed for fraud, and they have been around for a while and don't seem to cross over [with the bigger spamming botnets]," he says. These mini-botnets specialize in identity theft, fraud, and stealing corporate information, and are much more difficult to spot and infiltrate than a big spamming botnet. "We have to rely on the few anecdotal instances, where we've managed to get a look at the back-end," Stewart says. [...] _______________________________________________ Best Selling Security Books and More! http://www.shopinfosecnews.org/Received on Wed Apr 01 2009 - 00:15:40 PDT
This archive was generated by hypermail 2.2.0 : Wed Apr 01 2009 - 00:28:17 PDT