IRC-Based Botnets Almost Vanishing!

Botnet Number that is controlled over web servers are five times the number of botnets controlled by IRC-channels this is according to a new research conducted by Team Cymru Security experts.

The IRC botnet has decreased significantly due to some limitation over controlling and sending different instruction by the command-and-control (C&C) servers.

“the US is significantly ahead of anyone else”, says Steve Santorelli, Team Cymru’s director of global outreach in San Diego.

Santorelli and his colleagues also detected a daily average of 226 C&C servers in China and 92 in Russia. But European countries not usually linked with cybercrime were in a similar range, with an average of 120 C&C servers based in Germany and 64 in the Netherlands.

Today there are many ways to control infected hosts and send instructions to each machine. It all depends on the specific settings. the current type of protocol that are mostly used includes:

* Web server – management through a Web interface. Currently, the most common way as provided by Team Cymru (Zeus is an example of this form of Botnet).

* Instant Message – the transfer of command on one of the IM-protocols (Skype ,jabber, MSN, etc.) but this form Used in the bot-networks with a small number of machines.

* IRC Channels – this has been the first form of zombies but it has some limitation and is not often used because command-and-control (C&C) servers maybe isolated at any time from his network and will not be able to send instructions.

* Twitter and social networks also may be used by Botnet as they provide a high scalability and they provide a flexible API for all users.

By All these means of zombie’s communication, botnets that are managed through HTTP, are more convenient in the construction and maintenance, while difficult to detect their activity; therefore not surprising that criminals prefer them – every year and a half the number of malicious networks of this type is doubled.

make sure you subscribe to my RSS feed!

Share
Subscribe
Notify of
guest
13 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
trackback

[…] This post was mentioned on Twitter by Jovi Umawing, Mourad ben lakhoua and A. Vanderslyke, SecureTechnology. SecureTechnology said: #Security #infosec IRC-Based Botnets Almost Vanishing!: Botnet Number that is controlled over web server… http://bit.ly/baOzwK […]

trackback

[…] secondo uno studio realizzato dal Team Cymru Security, le unità C&C basate su web sono cinque più numerose di […]

trackback

IRC-Based Botnets Almost Vanishing! http://j.mp/bi2toY

trackback

RT @Security_FAQs: IRC-Based Botnets Almost Vanishing! http://bit.ly/91LkbJ

trackback

RT @Security_FAQs: IRC-Based Botnets Almost Vanishing! http://bit.ly/91LkbJ

trackback

IRC-Based Botnets Almost Vanishing! http://bit.ly/91LkbJ

trackback

RT @MBenLakhoua: IRC-Based Botnets Almost Vanishing!:Botnet Number that is controlled over web servers are five times.. http://bit.ly/baOzwK

trackback

IRC-Based Botnets Almost Vanishing! http://ow.ly/3c6qF <~ not surprising, companies blindly filter any IRC traffic (via @MBenLakhoua)

trackback

IRC-Based Botnets Almost Vanishing!:

Botnet Number that is controlled over web servers are five times th… http://bit.ly/baOzwK

trackback

RT @MBenLakhoua: RT @sectechno: IRC-Based #Botnets Almost Vanishing! http://www.sectechno.com/2010/11/17/irc-based-botnets-almost-vanishing/

trackback

RT @sectechno: IRC-Based Botnets Almost Vanishing! http://www.sectechno.com/2010/11/17/irc-based-botnets-almost-vanishing/

trackback
trackback

[SecTechno] IRC-Based Botnets Almost Vanishing! http://bit.ly/baOzwK #security