Beware the rise of the bots

The number of malicious bots appearing on the internet increased more than 175 per cent between 2004 and 2005, with more than 10,000 cases of the malware documented by security firm PandaLabs.

In all, bots represented more than 20 per cent of new malware detected in 2005. Bots are so called for their ability to infect and take up residence on the PC of an unknowing user where they await further commands.

But more worrying is PandaLabs' belief that this most recent threat is accompanied by a new professionalism in the creation of malware and the creators' search for financial return.

This results in a number of variants developed in any one malware family stretching into the thousands, making it nearly impossible for signature-based protection systems to cope with outbreaks.

To this end, antivirus companies are increasingly looking towards heuristic and behavioural analysis technologies which can protect a system much earlier than signature-based solutions.

The greatest threat, however, is when bots are deployed to build extensive networks, popularly known as botnets, which are then used by their creators to take large-scale actions, such as sending spam or distributing other malware.

Some 'bot herders' even hire out the botnet to spammers, blackmailers and other profiteers to distribute spyware, send spam or launch denial of service attacks.

"Botnets are one of the current business tools of cyber-crime, and the biggest danger lies in their secrecy," said Luis Corrons, director of PandaLabs.

"A large company could be serving the interests of a group of malware creators without realising it. Their computers could be at the disposal of cyber-crooks, creating several legal implications."