Windows Botnet Infections On the Rise, says Microsoft

According to a recent report from Microsoft, the Redmond-based software company removed 6.5 million botnets from Windows machines during the first period of 2010 -- which is more than double the number eliminated by the firm over the same period in 2009.

Botnets Used to Spam, Spread Malware, Steal Secrets

In simple terms, a botnet (or "robot network") is a group of infected PCs that are under control of a few (or 1) individual. Typically, a PC becomes infected by visiting a malicious website, or by opening a malicious file or email.

Once a computer is infected with botnet malware, it becomes part of the botnet network. Botnets are used to spread mass emailing spam (unsolicited, bulk email) messages to millions of users, spreading malware to other machines, and even stealing corporate secrets.

Owners of infected PCs are unaware their computers are infected or part of a botnet.

Americans are Prime Target of Windows Botnets

The bi-annual study is called the Microsoft Security Intelligence Report, volume 9 (SIRv9) and was released on yesterday. Findings are based on information collected from millions of computers running the Windows operating system (OS) around the world, statistics rounded up by Microsoft as it performs scans and cleaning operations for its many software products.

Highlighted in this last report is the number of botnets taken down during Quarter 2, 2010. Findings show that these threats are distinctly on the rise, and are targeting many Americans.

According to Microsoft's report, 2.2 million U.S.-based machines were infected during that period, the most in the world. This incredible number was followed by Brazil, with 550,000 infections, and Spain at 382,000 bots. (Source: bbc.co.uk)

Surprisingly, Korea has the most concerning per capita rate of infection. There, for every one thousand Windows computers, 14.6 were infected with bots. In Spain, the number is 12.4/1000, and in Mexico it's 11.4/1000.

Botnets Mark New Era in Cybercrime

Microsoft security expert Jeff Jones suggested the widespread use of botnets may mark a new trend in attack strategy for hackers.

"We are seeing botnets as the integration point for malware and the launchpad for cybercrime," Jones said. "We are seeing some good impact [from botnet takedowns], but equally there is still a high number of infections, so there's lots of work still to be done." (Source: darkreading.com)

Number of Vulnerabilities Continues to Decline

Thankfully, the Microsoft report brought some good news with it, too. Research shows that the number of reported vulnerabilities continues to decline, as it has done so for the past four years. In fact, there were about 3,500 reported vulnerabilities in early 2006, and during the same period this year just 2,500 flaws were brought to light.

Jones says there's still room for improvement. "The caveat is that it's good that it's down, but those numbers are still really high, in the 2,500 to 3,000 range for a six-month period."