Kaspersky Lab researchers have published a report on botnet activity in the first half of 2018, analyzing more than 150 malware families and their modifications circulating through 600,000 botnets around the world.

 

One of the most remarkable things uncovered by the research was growing international demand for multifunctional malware that is not designed for specific purposes but is flexible enough to perform almost any task.

 

Botnets – nets of compromised devices used in criminal activity – are harnessed by criminals to spread malware and facilitate DDoS and spam attacks. Using Kaspersky Lab’s Botnet Tracking technology, the company’s researchers continuously monitor botnet activity to prevent forthcoming attacks, or to nip a new type of banker Trojan in the bud.

 

The technology works by emulating a compromised device, trapping the commands received from threat actors that are using the botnets to distribute malware. This provides the researchers with valuable malware samples and statistics.

 

Based on the results of recent research, in the first half of 2018 the share of single-purpose malware distributed through botnets dropped significantly in comparison to the second half of 2017. For example, in H2 2017, 22.46% of all unique malicious files distributed through the botnets monitored by Kaspersky Lab were banking Trojans, while in the first half of 2018, the share of bankers dropped by 9.21 percentage points – to 13.25% of all malicious files witnessed by the Botnet Tracking service.

 

The share of spamming bots – another type of single-purpose malicious software distributed through botnets – also decreased significantly: from 18.93% in H2 2017 to 12.23% in H1 2018. DDoS bots, yet another typical single-purpose malware, also dropped, from 2.66% in H2 2017 to 1.99% in H1 2018.

 

At the same time, the most distinctive growth was demonstrated by malware of a versatile nature, in particular Remote Access Tools (RAT) malware that provides almost unlimited opportunities for exploiting the infected PC.

 

Since H1 2017, the share of RAT files found among the malware distributed by botnets almost doubled, rising from 6.55% to 12.22%. Njrat, DarkComet and Nanocore topped the list of the most widespread RATs. Due to their relatively simple structure, the three backdoors can be modified even by an amateur threat actor. This allows the malware to be adapted for distribution in a specific region.

 

Trojans, also used for a variety of purposes, did not demonstrate as much progress as RATs, but, unlike a lot of single-purpose malware, their share of detected files increased, rising from 32.89% in H2 2017 to 34.25% H1 2018.

 

Just like the backdoors, one Trojan family can be modified and controlled by multiple command and control (C&C) servers, each with different purposes, for example, cyberespionage or the stealing of credentials.

 

The reason why RATs and other multipurpose malware are taking the lead when it comes to botnets is obvious: botnet ownership costs a significant amount of money and in order to make a profit, criminals should be able to use each and every opportunity to get money out of malware. A botnet built out of multipurpose malware can change its functions relatively quickly and shift from sending spam to DDoS or to the distribution of banking Trojans. While this ability in itself allows botnet owner to switch between different ‘active’ malicious business models, it also opens an opportunity for a passive income: the owner can simply rent out their botnet to other criminals,” said Alexander Eremin, Security Expert at Kaspersky Lab.

 

The only type of single-purpose malicious programs to demonstrate impressive growth within botnet networks were miners. Even though their percent of registered files is not comparable to highly popular multifunctional malware, their share increased two-fold and this fits in the general trend of a malicious mining boom as seen earlier by our experts.

 

To reduce the risk of turning your devices into part of a botnet, users are advised to:  

  • Patch the software on your PC as soon as security updates for the latest bugs uncovered are available. Unpatched devices can be exploited by cybercriminals and connected into a botnet.
  • Do not download pirated software and other illegal content, as these are often used to distribute malicious bots.
  • Use Kaspersky Internet Security to prevent your computer being infected with any type of malware, including that used for the creation of botnets.

 

 

Read the full version of the report on Securelist.com.


RECOMMENDED ARTICLE FOR TECHWORLD


 
EagleTree Capital Buys Majority Share in CORSAIR in a Transaction Valued at $525 Million
Techworld Date Posted: 27 July 2017 3:30 PM | 303 Views
CORSAIR, a world leader in high-performance PC components, gaming peripherals, and enthusiast memory, announced today that EagleTree Capital ("EagleTree"), formerly Wasserstein Partners, has reached a definitive agreement in partnership with current management to acquire.... See More
 
EagleTree Capital Buys Majority Share in CORSAIR in a Transaction Valued at $525 Million
Techworld Date Posted: 3:30 PM | 303 Views
CORSAIR, a world leader in high-performance PC components, gaming peripherals, and enthusiast memory, announced today that EagleTree Capital ("EagleTree"), formerly Wasserstein Partners, has reached a definitive agreement in partnership with current management to acquire...See More

 
Enjoy Up to 30 Percent Discount on Booking.com Accommodations with PLDT and Smart
Techworld Date Posted: 15 September 2018 2:13 PM | 121 Views
In line with their thrust to give customers epic and incredible experiences, leading telco and digital services provider PLDT, Inc. and its mobile services arm Smart Communications, Inc. have teamed up with Booking.com to.... See More
 
Enjoy Up to 30 Percent Discount on Booking.com Accommodations with PLDT and Smart
Techworld Date Posted: 2:13 PM | 121 Views
In line with their thrust to give customers epic and incredible experiences, leading telco and digital services provider PLDT, Inc. and its mobile services arm Smart Communications, Inc. have teamed up with Booking.com to...See More

 
Lenovo Continues Support for Youth Organizations, Named Exclusive Technology Partner Anew of TAYO Awards Foundation
Techworld Date Posted: 15 February 2018 5:13 PM | 187 Views
Lenovo, one of the world’s biggest technology companies, is once again the official technology partner of the Ten Accomplished Youth Organizations (TAYO) Awards Foundation, Inc.. See More
 
Lenovo Continues Support for Youth Organizations, Named Exclusive Technology Partner Anew of TAYO Awards Foundation
Techworld Date Posted: 5:13 PM | 187 Views
Lenovo, one of the world’s biggest technology companies, is once again the official technology partner of the Ten Accomplished Youth Organizations (TAYO) Awards Foundation, Inc.See More


 
It’s Raining Deals: Nokia Mobile Promos for June
Techworld Date Posted: 21 June 2018 9:40 AM | 275 Views
From June 15 to August 31, enjoy a free Nokia 3310 worth PHP2,590 with every purchase of the Nokia 5 at only PHP9,990. Get free JBL T450BT Bluetooth headphones worth P3,000 with every purchase.... See More
 
It’s Raining Deals: Nokia Mobile Promos for June
Techworld Date Posted: 9:40 AM | 275 Views
From June 15 to August 31, enjoy a free Nokia 3310 worth PHP2,590 with every purchase of the Nokia 5 at only PHP9,990. Get free JBL T450BT Bluetooth headphones worth P3,000 with every purchase...See More

 
Nokia Mobile Introduces Edge-to-Edge Smartphone Experience
Techworld Date Posted: 16 October 2018 4:05 PM | 72 Views
HMD Global, the home of Nokia phones, has announced the availability of the Nokia 6.1 Plus and the Nokia 5.1 Plus in the Philippines.. See More
 
Nokia Mobile Introduces Edge-to-Edge Smartphone Experience
Techworld Date Posted: 4:05 PM | 72 Views
HMD Global, the home of Nokia phones, has announced the availability of the Nokia 6.1 Plus and the Nokia 5.1 Plus in the Philippines.See More

 
Six Filipino Youths Emerged Winners of the ASEAN Data Science Explorers National Finals
Techworld Date Posted: 2 November 2017 2:59 PM | 201 Views
Following the completion of the ASEAN Data Science Explorers Philippines National Finals, six local students were awarded with the top three awards for their insights and ideas on driving a sustainable future for ASEAN.. See More
 
Six Filipino Youths Emerged Winners of the ASEAN Data Science Explorers National Finals
Techworld Date Posted: 2:59 PM | 201 Views
Following the completion of the ASEAN Data Science Explorers Philippines National Finals, six local students were awarded with the top three awards for their insights and ideas on driving a sustainable future for ASEAN.See More

 
Kris Aquino, Bimby Give Three-Part Exclusive Tour of PLDT Home Fibr-Powered Home
Techworld Date Posted: 3 January 2018 2:26 PM | 186 Views
PLDT Home Ambassador and Queen of all Media Kris Aquino gave her viewers a treat this Christmas season through an exclusive corner-to-corner tour of her new, PLDT Home Fibr-powered home in Quezon City.. See More
 
Kris Aquino, Bimby Give Three-Part Exclusive Tour of PLDT Home Fibr-Powered Home
Techworld Date Posted: 2:26 PM | 186 Views
PLDT Home Ambassador and Queen of all Media Kris Aquino gave her viewers a treat this Christmas season through an exclusive corner-to-corner tour of her new, PLDT Home Fibr-powered home in Quezon City.See More

 
ADATA Launches New Range of Charging Products
Techworld Date Posted: 4 July 2018 11:07 AM | 167 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, today launched a series of new charging products that make powering mobile lifestyles easier than ever.. See More
 
ADATA Launches New Range of Charging Products
Techworld Date Posted: 11:07 AM | 167 Views
ADATA Technology, a leading manufacturer of high-performance DRAM modules and NAND Flash products, today launched a series of new charging products that make powering mobile lifestyles easier than ever.See More

 
Akamai Agrees to Acquire Nominum
Techworld Date Posted: 17 October 2017 1:21 PM | 281 Views
Akamai Technologies, Inc. (NASDAQ: AKAM) today announced the company has entered into an agreement to acquire Nominum, a market leader in DNS and enterprise security solutions for carriers.. See More
 
Akamai Agrees to Acquire Nominum
Techworld Date Posted: 1:21 PM | 281 Views
Akamai Technologies, Inc. (NASDAQ: AKAM) today announced the company has entered into an agreement to acquire Nominum, a market leader in DNS and enterprise security solutions for carriers.See More


Power by

Download Free AZ | Free Wordpress Themes