Top 10 Most Dangerous BotNets, Malware [Fix]

A botnet is a collection of software robots, or bots, that run automatically. The term is most often associated with malicious software running across a network of computers using distributed computing. While botnets are often named after their malicious software, there are typically multiple botnets in operation using the same malware family but operated by different criminal entities.

While the term “botnet” can be used to refer to any group of bots, such as IRC bots, this word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via drive-by downloads exploiting Web browser vulnerabilities, worms, Trojan horses, or backdoors, under a common command-and-control infrastructure.

The bad news is that botnet attacks are increasing, as cybercrime gangs use compromised computers to send spam, steal personal data, perpetrate click fraud and clobber Web sites in denial-of-service attacks. Here’s a list of America’s 10 most wanted botnets, based on an estimate by security firm Damballa of botnet size and activity in the United States.

Most of them can be removed by most antivirus software, but not all vendors support removal of all of them. So I’ve mentioned links where you can find steps for easy removal/prevention of the specified botnets.

Botnets are a more serious problem than you might think. The number of infected PCs (whose users have no idea about it) is increasing day by day.

So let’s raise awareness by discussing the top 10 among the hundreds, ranked by size and strength of damage in increasing order.

No. 10: Conficker

Compromised Computers: 210,000

This downloader worm, also called Downadup, has spread significantly throughout the world, though not so much in the U.S. It’s a complex downloader used to propagate other malware. Though it has been used to sell fake antivirus software, this crimeware currently seems to have no real purpose other than to spread. Industry watchers fear a more dangerous purpose will emerge.

How to Avoid/Fix

No. 9: Gammima

Also known as Gamina, Gamania, Frethog, Vaklik and Krap. This one focuses on stealing online game logins, passwords and account information. It uses rootkit techniques to load into the address space of other common processes, such as Windows Explorer.exe, and will spread through removable media such as USB keys. It’s also known to be the worm that got into the International Space Station in the summer of 2008.

How to Avoid/Fix

No. 8: Swizzor

Compromised U.S. computers: 370,000

A variant of the Lop malware, this Trojan dropper can download and launch files from the Internet on the victim’s machine without the user’s knowledge, installing an adware program and other Trojans.

How to Avoid/Fix

No. 7: Hamweq

Compromised U.S. computers: 480,000

Also known as IRCBrute, or an autorun worm, this backdoor worm makes copies of itself on the system and any removable drive it finds — and anytime the removable drives are accessed, it executes automatically. An effective spreading mechanism, Hamweq creates registry entries to enable its automatic execution at every startup and injects itself into Explorer.exe. The botmaster using it can execute commands on and receive information from the compromised system.

How to Avoid/Fix

No. 6: Monkif

Compromised U.S. computers: 520,000

This crimeware’s current focus is downloading an adware BHO (browser helper object) onto a compromised system.

How to Avoid/Fix: AVG fixes it

No. 5: TR/Dldr.Agent.JKH

Compromised U.S. computers: 1.2 million

This remote Trojan posts encrypted data back to its command-and-control domains and periodically receives instruction. Often loaded by other malware, TR/Dldr.Agent.JKH currently is used as a clickbot, generating ad revenue for the botmaster through constant ad-specific activity.

How to Avoid/Fix

No. 4: Trojan.Fakeavalert

Compromised U.S. computers: 1.4 million

Formerly used for spamming, this botnet has shifted to downloading other malware, with its main focus on fake alerts and rogue antivirus software.

How to Avoid/Fix

No. 3: TidServ

Compromised U.S. computers: 1.5 million

This downloader Trojan spreads through spam e-mail, arriving as an attachment. It uses rootkit techniques to run inside common Windows services (sometimes bundled with fake antivirus software) or in Windows safe mode, and it can hide most of its files and registry entries.

How to Avoid/Fix

No. 2: Koobface

Compromised U.S. computers: 2.9 million

This malware spreads via social networking sites like Twitter, MySpace and Facebook with faked messages or comments from “friends.” When a user is enticed into clicking on a provided link to view a video, the user is prompted to obtain a necessary update, like a codec — but it’s really malware that can take control over the computer.

How to Avoid/Fix

No. 1: Zeus

Compromised U.S. computers: 3.6 million

The Zeus Trojan uses key-logging techniques to steal sensitive data such as user names, passwords, account numbers and credit card numbers. It injects fake HTML forms into online banking login pages to steal user data.

How to Avoid/Fix

BEST SOLUTION

Keep your antivirus software updated. I recommend changing antivirus/Ad-aware software to a different vendor every month, because a single one may not catch everything.








