Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world.

 

One of the most remarkable things uncovered by the research was growing international demand for multifunctional malware that is not designed for specific purposes but is flexible enough to perform almost any task.

 

Botnets – nets of compromised devices used in criminal activity – are harnessed by criminals to spread malware and facilitate DDoS and spam attacks. Using Kaspersky Lab’s Botnet Tracking technology, the company’s researchers continuously monitor botnet activity to prevent forthcoming attacks, or to nip a new type of banker Trojan in the bud.

 

The technology works by emulating a compromised device, trapping the commands received from threat actors that are using the botnets to distribute malware. This provides the researchers with valuable malware samples and statistics.

 

Based on the results of recent research, in the first half of 2018 the share of single-purpose malware distributed through botnets dropped significantly in comparison to the second half of 2017. For example, in H2 2017, 22.46% of all unique malicious files distributed through the botnets monitored by Kaspersky Lab were banking Trojans, while in the first half of 2018, the share of bankers dropped by 9.21 percentage points – to 13.25% of all malicious files witnessed by the Botnet Tracking service.

 

The share of spamming bots – another type of single-purpose malicious software distributed through botnets – also decreased significantly: from 18.93% in H2 2017 to 12.23% in H1 2018. DDoS bots, yet another typical single-purpose malware, also dropped, from 2.66% in H2 2017 to 1.99% in H1 2018.

 

At the same time, the most distinctive growth was demonstrated by malware of a versatile nature, in particular Remote Access Tools (RAT) malware that provides almost unlimited opportunities for exploiting the infected PC.

 

Since H1 2017, the share of RAT files found among the malware distributed by botnets almost doubled, rising from 6.55% to 12.22%. Njrat, DarkComet and Nanocore topped the list of the most widespread RATs. Due to their relatively simple structure, the three backdoors can be modified even by an amateur threat actor. This allows the malware to be adapted for distribution in a specific region.

 

Trojans, also used for a variety of purposes, did not demonstrate as much progress as RATs, but, unlike a lot of single-purpose malware, their share of detected files increased, rising from 32.89% in H2 2017 to 34.25% H1 2018.

 

Just like the backdoors, one Trojan family can be modified and controlled by multiple command and control (C&C) servers, each with different purposes, for example, cyberespionage or the stealing of credentials.

 

The reason why RATs and other multipurpose malware are taking the lead when it comes to botnets is obvious: botnet ownership costs a significant amount of money and in order to make a profit, criminals should be able to use each and every opportunity to get money out of malware. A botnet built out of multipurpose malware can change its functions relatively quickly and shift from sending spam to DDoS or to the distribution of banking Trojans. While this ability in itself allows botnet owner to switch between different ‘active’ malicious business models, it also opens an opportunity for a passive income: the owner can simply rent out their botnet to other criminals,” said Alexander Eremin, Security Expert at Kaspersky Lab.

 

The only type of single-purpose malicious programs to demonstrate impressive growth within botnet networks were miners. Even though their percent of registered files is not comparable to highly popular multifunctional malware, their share increased two-fold and this fits in the general trend of a malicious mining boom as seen earlier by our experts.

 

To reduce the risk of turning your devices into part of a botnet, users are advised to:  

  • Patch the software on your PC as soon as security updates for the latest bugs uncovered are available. Unpatched devices can be exploited by cybercriminals and connected into a botnet.
  • Do not download pirated software and other illegal content, as these are often used to distribute malicious bots.
  • Use Kaspersky Internet Security to prevent your computer being infected with any type of malware, including that used for the creation of botnets.

 

 

Read the full version of the report on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Nokia 8 Takes Its First Bite of Oreo™
Techworld Date Posted: 28 November 2017 10:24 AM | 270 Views
HMD Global, the home of Nokia phones, is excited to announce that Android™ 8.0 Oreo™ is now available for the Nokia 8. . See More
 
Nokia 8 Takes Its First Bite of Oreo™
Techworld Date Posted: 10:24 AM | 270 Views
HMD Global, the home of Nokia phones, is excited to announce that Android™ 8.0 Oreo™ is now available for the Nokia 8. See More

 
Excellent Job, Thanks’: You May Never Know about the Cybersecurity Incidents Caused by Your Employees
Techworld Date Posted: 18 July 2017 2:25 PM | 229 Views
Employees hide IT security incidents in 40% of businesses around the world - that's according to a new report from Kaspersky Lab and B2B International, "Human Factor in IT Security: How Employees are Making.... See More
 
Excellent Job, Thanks’: You May Never Know about the Cybersecurity Incidents Caused by Your Employees
Techworld Date Posted: 2:25 PM | 229 Views
Employees hide IT security incidents in 40% of businesses around the world - that's according to a new report from Kaspersky Lab and B2B International, "Human Factor in IT Security: How Employees are Making...See More

 
Kaspersky Lab Bags Two Wins At Networks Asia Information Management Awards 2018
Techworld Date Posted: 11 June 2018 4:19 PM | 475 Views
(From left) Jesmond Chang, Head of Corporate Communications for Kaspersky Lab APAC, receives the award from Nikolay Novozhilov, Head of Digital Products at NTUC Link   Kaspersky Lab announced its win of two cybersecurity.... See More
 
Kaspersky Lab Bags Two Wins At Networks Asia Information Management Awards 2018
Techworld Date Posted: 4:19 PM | 475 Views
(From left) Jesmond Chang, Head of Corporate Communications for Kaspersky Lab APAC, receives the award from Nikolay Novozhilov, Head of Digital Products at NTUC Link   Kaspersky Lab announced its win of two cybersecurity...See More

 
Kaspersky Lab Unravels the Truth on Cyber Espionage at its 3rd APAC Cyber Security Conference
Techworld Date Posted: 17 October 2017 1:26 PM | 326 Views
Kaspersky Lab unriddled the mysterious threat of cyberespionage against countries, critical infrastructure, and companies in the region on its 3rd Asia Pacific (APAC) Cyber Security Weekend in Phuket, Thailand last week.. See More
 
Kaspersky Lab Unravels the Truth on Cyber Espionage at its 3rd APAC Cyber Security Conference
Techworld Date Posted: 1:26 PM | 326 Views
Kaspersky Lab unriddled the mysterious threat of cyberespionage against countries, critical infrastructure, and companies in the region on its 3rd Asia Pacific (APAC) Cyber Security Weekend in Phuket, Thailand last week.See More

 
Lenovo Opens Concept Store in Tacloban
Techworld Date Posted: 25 October 2018 2:01 PM | 117 Views
Technology leader, Lenovo, has recently opened its newest concept store in Tacloban City, Leyte, as part of its efforts to bring its services closer to customers in the region and bolster its presence in.... See More
 
Lenovo Opens Concept Store in Tacloban
Techworld Date Posted: 2:01 PM | 117 Views
Technology leader, Lenovo, has recently opened its newest concept store in Tacloban City, Leyte, as part of its efforts to bring its services closer to customers in the region and bolster its presence in...See More

 
CORSAIR Launches New PSU, Coolers and Case at CES 2018
Techworld Date Posted: 9 January 2018 1:50 PM | 338 Views
CORSAIR®, a world leader in enthusiast memory, high-performance gaming hardware and PC components, today launched a range of PC enthusiast products, equipped with a host of new innovations and features to help PC builders.... See More
 
CORSAIR Launches New PSU, Coolers and Case at CES 2018
Techworld Date Posted: 1:50 PM | 338 Views
CORSAIR®, a world leader in enthusiast memory, high-performance gaming hardware and PC components, today launched a range of PC enthusiast products, equipped with a host of new innovations and features to help PC builders...See More

 
LuckyMouse Group Is Back and Using a Legitimate Certificate to Sign Malware
Techworld Date Posted: 14 September 2018 3:20 PM | 226 Views
The Kaspersky Lab Global Research and Analysis Team (GReAT) has discovered several infections from a previously unknown Trojan, which is most likely related to the infamous Chinese-speaking threat actor – LuckyMouse. . See More
 
LuckyMouse Group Is Back and Using a Legitimate Certificate to Sign Malware
Techworld Date Posted: 3:20 PM | 226 Views
The Kaspersky Lab Global Research and Analysis Team (GReAT) has discovered several infections from a previously unknown Trojan, which is most likely related to the infamous Chinese-speaking threat actor – LuckyMouse. See More

 
Kaspersky Lab Reveals PH Threat Landscape, Advocates Public-Private Collaboration in its First CyberSecurity Summit with the DICT
Techworld Date Posted: 7 August 2017 11:27 AM | 301 Views
The Department of Information and Communications Technology (DICT) Secretary Rodolfo Salalima (second from left) shakes hand with Kaspersky Lab Asia Pacific Managing Director Stephan Neumeier (third from left) during the media briefing for their.... See More
 
Kaspersky Lab Reveals PH Threat Landscape, Advocates Public-Private Collaboration in its First CyberSecurity Summit with the DICT
Techworld Date Posted: 11:27 AM | 301 Views
The Department of Information and Communications Technology (DICT) Secretary Rodolfo Salalima (second from left) shakes hand with Kaspersky Lab Asia Pacific Managing Director Stephan Neumeier (third from left) during the media briefing for their...See More

 
Fujitsu Develops AI Technology to Determine the Necessity of Cyberattack Responses
Techworld Date Posted: 13 February 2019 9:55 AM | 195 Views
Fujitsu Laboratories Ltd. has announced that it has developed an AI technology that automatically determines whether action needs to be taken in response to a cyberattack. . See More
 
Fujitsu Develops AI Technology to Determine the Necessity of Cyberattack Responses
Techworld Date Posted: 9:55 AM | 195 Views
Fujitsu Laboratories Ltd. has announced that it has developed an AI technology that automatically determines whether action needs to be taken in response to a cyberattack. See More

 
Kingston and Authorized Partners to Bring High-Quality Storage Solutions to Philippines
Techworld Date Posted: 24 January 2019 1:25 PM | 100 Views
Kingston Technology, a world leader in memory storage products and technology solutions, today announced the launch of its authorized partner program in the Philippines. Ranked as the World’s NO.1 memory module manufacturer. See More
 
Kingston and Authorized Partners to Bring High-Quality Storage Solutions to Philippines
Techworld Date Posted: 1:25 PM | 100 Views
Kingston Technology, a world leader in memory storage products and technology solutions, today announced the launch of its authorized partner program in the Philippines. Ranked as the World’s NO.1 memory module manufacturerSee More


Power by

Download Free AZ | Free Wordpress Themes