Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world.

 

One of the most remarkable things uncovered by the research was growing international demand for multifunctional malware that is not designed for specific purposes but is flexible enough to perform almost any task.

 

Botnets – nets of compromised devices used in criminal activity – are harnessed by criminals to spread malware and facilitate DDoS and spam attacks. Using Kaspersky Lab’s Botnet Tracking technology, the company’s researchers continuously monitor botnet activity to prevent forthcoming attacks, or to nip a new type of banker Trojan in the bud.

 

The technology works by emulating a compromised device, trapping the commands received from threat actors that are using the botnets to distribute malware. This provides the researchers with valuable malware samples and statistics.

 

Based on the results of recent research, in the first half of 2018 the share of single-purpose malware distributed through botnets dropped significantly in comparison to the second half of 2017. For example, in H2 2017, 22.46% of all unique malicious files distributed through the botnets monitored by Kaspersky Lab were banking Trojans, while in the first half of 2018, the share of bankers dropped by 9.21 percentage points – to 13.25% of all malicious files witnessed by the Botnet Tracking service.

 

The share of spamming bots – another type of single-purpose malicious software distributed through botnets – also decreased significantly: from 18.93% in H2 2017 to 12.23% in H1 2018. DDoS bots, yet another typical single-purpose malware, also dropped, from 2.66% in H2 2017 to 1.99% in H1 2018.

 

At the same time, the most distinctive growth was demonstrated by malware of a versatile nature, in particular Remote Access Tools (RAT) malware that provides almost unlimited opportunities for exploiting the infected PC.

 

Since H1 2017, the share of RAT files found among the malware distributed by botnets almost doubled, rising from 6.55% to 12.22%. Njrat, DarkComet and Nanocore topped the list of the most widespread RATs. Due to their relatively simple structure, the three backdoors can be modified even by an amateur threat actor. This allows the malware to be adapted for distribution in a specific region.

 

Trojans, also used for a variety of purposes, did not demonstrate as much progress as RATs, but, unlike a lot of single-purpose malware, their share of detected files increased, rising from 32.89% in H2 2017 to 34.25% H1 2018.

 

Just like the backdoors, one Trojan family can be modified and controlled by multiple command and control (C&C) servers, each with different purposes, for example, cyberespionage or the stealing of credentials.

 

The reason why RATs and other multipurpose malware are taking the lead when it comes to botnets is obvious: botnet ownership costs a significant amount of money and in order to make a profit, criminals should be able to use each and every opportunity to get money out of malware. A botnet built out of multipurpose malware can change its functions relatively quickly and shift from sending spam to DDoS or to the distribution of banking Trojans. While this ability in itself allows botnet owner to switch between different ‘active’ malicious business models, it also opens an opportunity for a passive income: the owner can simply rent out their botnet to other criminals,” said Alexander Eremin, Security Expert at Kaspersky Lab.

 

The only type of single-purpose malicious programs to demonstrate impressive growth within botnet networks were miners. Even though their percent of registered files is not comparable to highly popular multifunctional malware, their share increased two-fold and this fits in the general trend of a malicious mining boom as seen earlier by our experts.

 

To reduce the risk of turning your devices into part of a botnet, users are advised to:  

  • Patch the software on your PC as soon as security updates for the latest bugs uncovered are available. Unpatched devices can be exploited by cybercriminals and connected into a botnet.
  • Do not download pirated software and other illegal content, as these are often used to distribute malicious bots.
  • Use Kaspersky Internet Security to prevent your computer being infected with any type of malware, including that used for the creation of botnets.

 

 

Read the full version of the report on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
Longer, Expanding, Demanding: Botnet DDoS Attacks Highlighted in Kaspersky Lab Quarterly Report
Techworld Date Posted: 24 August 2017 11:42 AM | 241 Views
The second quarter of 2017 was proof that long-lasting DDoS attacks are back in business. The longest attack in the quarter was active for 277 hours (more than 11 days) - which is a.... See More
 
Longer, Expanding, Demanding: Botnet DDoS Attacks Highlighted in Kaspersky Lab Quarterly Report
Techworld Date Posted: 11:42 AM | 241 Views
The second quarter of 2017 was proof that long-lasting DDoS attacks are back in business. The longest attack in the quarter was active for 277 hours (more than 11 days) - which is a...See More

 
Bulk Messaging Malware in Facebook Messenger
Techworld Date Posted: 7 September 2017 1:42 PM | 216 Views
Some time ago, an antivirus expert from our Global Research and Analysis Team, David Jacoby, discovered multiplatform malware that was distributed through Facebook Messenger. A few years ago, similar outbreaks were occurring quite often,.... See More
 
Bulk Messaging Malware in Facebook Messenger
Techworld Date Posted: 1:42 PM | 216 Views
Some time ago, an antivirus expert from our Global Research and Analysis Team, David Jacoby, discovered multiplatform malware that was distributed through Facebook Messenger. A few years ago, similar outbreaks were occurring quite often,...See More

 
NARUTO TO BORUTO: SHINOBI STRIKER UNVEILS ITS GAMEPLAY WITH MORE DETAILS ABOUT FIGHTERS AND BATTLE MODES
Techworld Date Posted: 23 August 2017 11:49 AM | 322 Views
BANDAI NAMCO Entertainment Asia is excited to reveal the amazing new content about the acrobatic ninja battle action game developed by Soleil Ltd. AVATAR SYSTEM For the first time in the Naruto series, the Avatar System.... See More
 
NARUTO TO BORUTO: SHINOBI STRIKER UNVEILS ITS GAMEPLAY WITH MORE DETAILS ABOUT FIGHTERS AND BATTLE MODES
Techworld Date Posted: 11:49 AM | 322 Views
BANDAI NAMCO Entertainment Asia is excited to reveal the amazing new content about the acrobatic ninja battle action game developed by Soleil Ltd. AVATAR SYSTEM For the first time in the Naruto series, the Avatar System...See More

 
ASUS Republic of Gamers Announces ROG Swift PG65 Big Format Gaming Display with NVIDIA G-SYNC at CES 2018
Techworld Date Posted: 8 January 2018 4:30 PM | 312 Views
ASUS Republic of Gamers (ROG) today announced that it will unveil the new ROG Swift PG65 big format gaming display (BFGD) with NVIDIA® G-SYNC® at CES® 2018 in Las Vegas.. See More
 
ASUS Republic of Gamers Announces ROG Swift PG65 Big Format Gaming Display with NVIDIA G-SYNC at CES 2018
Techworld Date Posted: 4:30 PM | 312 Views
ASUS Republic of Gamers (ROG) today announced that it will unveil the new ROG Swift PG65 big format gaming display (BFGD) with NVIDIA® G-SYNC® at CES® 2018 in Las Vegas.See More

 
1-in-4 Would Rather Be Caught Naked Than Go Without Their Connected Device
Techworld Date Posted: 28 August 2018 5:07 PM | 157 Views
From helping us get from A to B, to ordering food and staying in touch with friends, the digital world has now become so ingrained in our daily lives that not having internet access.... See More
 
1-in-4 Would Rather Be Caught Naked Than Go Without Their Connected Device
Techworld Date Posted: 5:07 PM | 157 Views
From helping us get from A to B, to ordering food and staying in touch with friends, the digital world has now become so ingrained in our daily lives that not having internet access...See More

PCBG Contributing Writer
Allu Out, GuardiaN In
Techworld • By: PCBG Contributing Writer | Date Posted: 3 August 2017 1:59 PM | 518 Views
After failing to qualify for the quarterfinals at the recent PGL Krakow Major Championship, Natus Vincere shocked many fans due to their visibly poor performance during the group stage matches. It was one of.... See More
PCBG Contributing Writer
Allu Out, GuardiaN In
Techworld • By: PCBG Contributing Writer | Date Posted: 1:59 PM | 518 Views
After failing to qualify for the quarterfinals at the recent PGL Krakow Major Championship, Natus Vincere shocked many fans due to their visibly poor performance during the group stage matches. It was one of...See More

 
Fortinet Offers Essential Cyber-Safety Tips Amidst Escalating Cyber-Attacks
Techworld Date Posted: 21 September 2017 1:22 PM | 480 Views
Fortinet, the global leader in high-performance cyber security solutions, warns businesses and individuals in Philippines to brace for escalating cyber-attacks as cyber-criminals expand their targets to home network devices and mobile devices. Fortinet's latest.... See More
 
Fortinet Offers Essential Cyber-Safety Tips Amidst Escalating Cyber-Attacks
Techworld Date Posted: 1:22 PM | 480 Views
Fortinet, the global leader in high-performance cyber security solutions, warns businesses and individuals in Philippines to brace for escalating cyber-attacks as cyber-criminals expand their targets to home network devices and mobile devices. Fortinet's latest...See More

 
From Cloud Growth to a Cloud Mess: Two Out of Three SMBs Struggle with Over-Complicated IT Infrastructure
Techworld Date Posted: 5 July 2018 2:01 PM | 314 Views
As their businesses grow, companies increasingly embrace new business tools and cloud services in an attempt to make their employees’ working lives more efficient and flexible, as well as reduce expenditures. . See More
 
From Cloud Growth to a Cloud Mess: Two Out of Three SMBs Struggle with Over-Complicated IT Infrastructure
Techworld Date Posted: 2:01 PM | 314 Views
As their businesses grow, companies increasingly embrace new business tools and cloud services in an attempt to make their employees’ working lives more efficient and flexible, as well as reduce expenditures. See More

 
Industry Leading Technology Partners Join the Fortinet Security Fabric Ecosystem
Techworld Date Posted: 23 November 2017 10:28 AM | 277 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the addition of 11 industry-leading information technology providers to its Fabric-Ready Partner Program. See More
 
Industry Leading Technology Partners Join the Fortinet Security Fabric Ecosystem
Techworld Date Posted: 10:28 AM | 277 Views
Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the addition of 11 industry-leading information technology providers to its Fabric-Ready Partner ProgramSee More

 
NVIDIA Announces GeForce GTX Destiny 2 Bundle and a Comprehensive Graphics and Performance Guide
Techworld Date Posted: 19 October 2017 2:21 PM | 198 Views
The Destiny franchise is coming to PC for the first time in history on October 24, 2017 with the upcoming release of Destiny 2, and NVIDIA has been partnering with Bungie and Activision on.... See More
 
NVIDIA Announces GeForce GTX Destiny 2 Bundle and a Comprehensive Graphics and Performance Guide
Techworld Date Posted: 2:21 PM | 198 Views
The Destiny franchise is coming to PC for the first time in history on October 24, 2017 with the upcoming release of Destiny 2, and NVIDIA has been partnering with Bungie and Activision on...See More


Power by

Download Free AZ | Free Wordpress Themes