Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world.

 

One of the most remarkable things uncovered by the research was growing international demand for multifunctional malware that is not designed for specific purposes but is flexible enough to perform almost any task.

 

Botnets – nets of compromised devices used in criminal activity – are harnessed by criminals to spread malware and facilitate DDoS and spam attacks. Using Kaspersky Lab’s Botnet Tracking technology, the company’s researchers continuously monitor botnet activity to prevent forthcoming attacks, or to nip a new type of banker Trojan in the bud.

 

The technology works by emulating a compromised device, trapping the commands received from threat actors that are using the botnets to distribute malware. This provides the researchers with valuable malware samples and statistics.

 

Based on the results of recent research, in the first half of 2018 the share of single-purpose malware distributed through botnets dropped significantly in comparison to the second half of 2017. For example, in H2 2017, 22.46% of all unique malicious files distributed through the botnets monitored by Kaspersky Lab were banking Trojans, while in the first half of 2018, the share of bankers dropped by 9.21 percentage points – to 13.25% of all malicious files witnessed by the Botnet Tracking service.

 

The share of spamming bots – another type of single-purpose malicious software distributed through botnets – also decreased significantly: from 18.93% in H2 2017 to 12.23% in H1 2018. DDoS bots, yet another typical single-purpose malware, also dropped, from 2.66% in H2 2017 to 1.99% in H1 2018.

 

At the same time, the most distinctive growth was demonstrated by malware of a versatile nature, in particular Remote Access Tools (RAT) malware that provides almost unlimited opportunities for exploiting the infected PC.

 

Since H1 2017, the share of RAT files found among the malware distributed by botnets almost doubled, rising from 6.55% to 12.22%. Njrat, DarkComet and Nanocore topped the list of the most widespread RATs. Due to their relatively simple structure, the three backdoors can be modified even by an amateur threat actor. This allows the malware to be adapted for distribution in a specific region.

 

Trojans, also used for a variety of purposes, did not demonstrate as much progress as RATs, but, unlike a lot of single-purpose malware, their share of detected files increased, rising from 32.89% in H2 2017 to 34.25% H1 2018.

 

Just like the backdoors, one Trojan family can be modified and controlled by multiple command and control (C&C) servers, each with different purposes, for example, cyberespionage or the stealing of credentials.

 

The reason why RATs and other multipurpose malware are taking the lead when it comes to botnets is obvious: botnet ownership costs a significant amount of money and in order to make a profit, criminals should be able to use each and every opportunity to get money out of malware. A botnet built out of multipurpose malware can change its functions relatively quickly and shift from sending spam to DDoS or to the distribution of banking Trojans. While this ability in itself allows botnet owner to switch between different ‘active’ malicious business models, it also opens an opportunity for a passive income: the owner can simply rent out their botnet to other criminals,” said Alexander Eremin, Security Expert at Kaspersky Lab.

 

The only type of single-purpose malicious programs to demonstrate impressive growth within botnet networks were miners. Even though their percent of registered files is not comparable to highly popular multifunctional malware, their share increased two-fold and this fits in the general trend of a malicious mining boom as seen earlier by our experts.

 

To reduce the risk of turning your devices into part of a botnet, users are advised to:  

  • Patch the software on your PC as soon as security updates for the latest bugs uncovered are available. Unpatched devices can be exploited by cybercriminals and connected into a botnet.
  • Do not download pirated software and other illegal content, as these are often used to distribute malicious bots.
  • Use Kaspersky Internet Security to prevent your computer being infected with any type of malware, including that used for the creation of botnets.

 

 

Read the full version of the report on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Petya, Wanna Cry, and Mirai—Is This the New Normal
Techworld Date Posted: 3 August 2017 5:01 PM | 342 Views
This past year, cybercriminals have upped the stakes once again with the high profile, global attacks of Mirai,Wannacry, and Petya, launched one after the other. Of course, large-scale attacks aren't new. Attacks like the ILOVEYOU.... See More
 
Petya, Wanna Cry, and Mirai—Is This the New Normal
Techworld Date Posted: 5:01 PM | 342 Views
This past year, cybercriminals have upped the stakes once again with the high profile, global attacks of Mirai,Wannacry, and Petya, launched one after the other. Of course, large-scale attacks aren't new. Attacks like the ILOVEYOU...See More

 
Realme 3 Scores Back-to-Back Sold-Out Feats, Sells 500 Units in 18 Minutes at Shopee 4.4
Techworld Date Posted: 5 April 2019 10:38 AM | 109 Views
Hot on the heels of being hailed as Shopee’s fastest-selling smartphone sub-Php10,000, budget and midrange smartphone disruptor realme 3 sets another record with its Shopee 4.4 sold-out promo. A record of 500 units of.... See More
 
Realme 3 Scores Back-to-Back Sold-Out Feats, Sells 500 Units in 18 Minutes at Shopee 4.4
Techworld Date Posted: 10:38 AM | 109 Views
Hot on the heels of being hailed as Shopee’s fastest-selling smartphone sub-Php10,000, budget and midrange smartphone disruptor realme 3 sets another record with its Shopee 4.4 sold-out promo. A record of 500 units of...See More

 
Sing Your Way to Security: Unique, Memorable Passwords Made Stronger than Constant Change, Says Kaspersky Lab Researchers
Techworld Date Posted: 2 February 2019 10:14 AM | 101 Views
To mark Change Your Password Day, 2019, Kaspersky Lab’s security researchers are advising users that unique, memorable passwords are stronger and more effective than regularly changing account passwords when it comes to keeping data.... See More
 
Sing Your Way to Security: Unique, Memorable Passwords Made Stronger than Constant Change, Says Kaspersky Lab Researchers
Techworld Date Posted: 10:14 AM | 101 Views
To mark Change Your Password Day, 2019, Kaspersky Lab’s security researchers are advising users that unique, memorable passwords are stronger and more effective than regularly changing account passwords when it comes to keeping data...See More

 
Transcend® Offers a New Perspective with the DrivePro Body 60 Body Camera
Techworld Date Posted: 5 June 2018 10:44 AM | 327 Views
Transcend® Information, Inc. (Transcend®), a leading manufacturer of storage and multimedia products, proudly introduces the DrivePro Body 60 body camera. This state-of-the-art POV tethered camera is designed specifically for military and public safety professionals.... See More
 
Transcend® Offers a New Perspective with the DrivePro Body 60 Body Camera
Techworld Date Posted: 10:44 AM | 327 Views
Transcend® Information, Inc. (Transcend®), a leading manufacturer of storage and multimedia products, proudly introduces the DrivePro Body 60 body camera. This state-of-the-art POV tethered camera is designed specifically for military and public safety professionals...See More

 
OPPO F7 Breaks History with 37,697 Units Sold on its First Day Sale!
Techworld Date Posted: 23 April 2018 3:12 PM | 547 Views
Technology stores nationwide filled up on the first day sale of the much-anticipated OPPO F7. The selfie expert brand exceeded customer expectations by achieving a total of 37,687 units sold on the first day.... See More
 
OPPO F7 Breaks History with 37,697 Units Sold on its First Day Sale!
Techworld Date Posted: 3:12 PM | 547 Views
Technology stores nationwide filled up on the first day sale of the much-anticipated OPPO F7. The selfie expert brand exceeded customer expectations by achieving a total of 37,687 units sold on the first day...See More

 
F5 Names Ben Gibson as Chief Marketing Officer
Techworld Date Posted: 4 August 2017 1:11 PM | 331 Views
Business leader with 25 years of experience at Veritas, Aruba Networks, and Cisco Systems to head global marketing team Philippines, August 4, 2016 — F5 Networks (NASDAQ: FFIV), the global leader in application networking and.... See More
 
F5 Names Ben Gibson as Chief Marketing Officer
Techworld Date Posted: 1:11 PM | 331 Views
Business leader with 25 years of experience at Veritas, Aruba Networks, and Cisco Systems to head global marketing team Philippines, August 4, 2016 — F5 Networks (NASDAQ: FFIV), the global leader in application networking and...See More

 
Kaspersky Lab’s Statement on NotPetya Ransomware Attacks Reported 27 June
Techworld Date Posted: 4 July 2017 2:50 PM | 329 Views
Kaspersky Lab’s analysts are investigating the new wave of ransomware attacks targeting organizations across the world. Our preliminary findings suggest that it is not a variant of Petya ransomware as publically reported, but a.... See More
 
Kaspersky Lab’s Statement on NotPetya Ransomware Attacks Reported 27 June
Techworld Date Posted: 2:50 PM | 329 Views
Kaspersky Lab’s analysts are investigating the new wave of ransomware attacks targeting organizations across the world. Our preliminary findings suggest that it is not a variant of Petya ransomware as publically reported, but a...See More

 
Notes on Intel®’s Tick-Tock Model
Techworld Date Posted: 30 March 2017 10:59 AM | 366 Views
Though Intel has scrapped the previous “Tick-Tock” CPU production model, it is still good to note how well it has gone through the years.. See More
 
Notes on Intel®’s Tick-Tock Model
Techworld Date Posted: 10:59 AM | 366 Views
Though Intel has scrapped the previous “Tick-Tock” CPU production model, it is still good to note how well it has gone through the years.See More

 
Acer Philippines Maintains No. 1 Spot in the PC Market for 10 Years
Techworld Date Posted: 4 March 2019 3:43 PM | 137 Views
The results are in. The growth of the country’s Philippine Personal Computer (PC) market is the fastest in the ASEAN region. Acer leads the Philippine PC market in all circumstances for 10 years straight.... See More
 
Acer Philippines Maintains No. 1 Spot in the PC Market for 10 Years
Techworld Date Posted: 3:43 PM | 137 Views
The results are in. The growth of the country’s Philippine Personal Computer (PC) market is the fastest in the ASEAN region. Acer leads the Philippine PC market in all circumstances for 10 years straight...See More

 
Transcend Wins Good Design Award 2018 in Japan
Techworld Date Posted: 16 October 2018 4:22 PM | 164 Views
Transcend Information, Inc. (Transcend®), a worldwide leader in storage and multimedia products, today announced that its JetDrive™ 855 SSD upgrade kit for Mac has won the "Good Design Award 2018" for its practical and.... See More
 
Transcend Wins Good Design Award 2018 in Japan
Techworld Date Posted: 4:22 PM | 164 Views
Transcend Information, Inc. (Transcend®), a worldwide leader in storage and multimedia products, today announced that its JetDrive™ 855 SSD upgrade kit for Mac has won the "Good Design Award 2018" for its practical and...See More


Power by

Download Free AZ | Free Wordpress Themes