Botnets Remained a Top Threat in June

Botnets are becoming more resilient and are reaching networks through more legitimate means, making them difficult to fight.

 By Sue Poremba | Posted Jul 1, 2010
Page of   |  Back to Page 1
Print Article

It's time for enterprises to turn some attention to botnet threats. According to Fortinet's June 2010 Threat Landscape report, new variations of the Sasfis botnet entered the Top 10 list. Sasfis has been competing with the Pushdo botnet in terms of sheer volume and was very active this past month. And now, the Kraken bot seems to be making a comeback.

This report comes on the heels of the Gartner prediction that botnets will be a problem for a long time to come.

Of course, botnets are becoming more resilient and are reaching networks through more legitimate means, making them difficult to fight at times. To show that, in an interesting guest post at ZDNet, Derek Manky listed Fortinet's top threat predictions for 2010 and how those predictions have played out six months later. About botnets, he wrote:

January 2010: "Botnets will no longer just obfuscate their binary codes to escape detection. Instead, they will piggyback on legitimate communications vehicles to propagate and cloak activities.”

June 2010: This year several new botnets that have come into scope, each using common protocols such as HTTP to do their dirty work. Botnets, which existed before 2010, continue to remain strong and develop their protocols to obfuscate activity. This year we discovered Webwail, a Web-based scripting engine that can create accounts through the Web (such as Yahoo, Hotmail, GMail, etc) and then spam through them. To do this, CAPTCHAs are cracked dynamically by a third party, so that the Web bot may proceed as if it were human. While we have only observed Webwail to create and send spam, our analysis indicates it is much more capable.

Comment and Contribute
(Maximum characters: 1200). You have
characters left.
Get the Latest Scoop with Enterprise Networking Planet Newsletter

By submitting your information, you agree that enterprisenetworkingplanet.com may send you ENTERPRISENetworkingPLANET offers via email, phone and text message, as well as email offers about other products and services that ENTERPRISENetworkingPLANET believes may be of interest to you. ENTERPRISENetworkingPLANET will process your information in accordance with the Quinstreet Privacy Policy.