Network Security News

Botnets proliferate, making DDoS attacks cheaper

Friday, October 16, 2009

Network security researchers tracking online criminal activity say the underground marketplace for networks of hacked computers - botnets - has become so crowded in recent years that renting a botnet to launch attacks is becoming cheaper.

Botnets, which can be used by bot-herders to send out waves of spam and malware and to launch distributed denial-of-service (DDoS) attacks to take down websites and servers, are traded and rented out to attackers as a kind of black market software-as-a-service.

But as more PCs become infected by proliferating worms and Trojan malware, the price to rent a botnet is becoming progressively cheaper, according to Jose Nazario, security researcher for Arbor Networks.

"The barriers to entry in that marketplace are so low you have people basically flooding the market," Nazario said, according to Computerworld. "The way you differentiate yourself is on price."

Security researchers at Finjan previously discovered a trading platform called Golden Cash that sells batches of 1,000 infected PCs - an infected PC is called a "zombie" or bot - for as liuttle as $25 to $500.

Researchers said not all of the botnet rentals are equally dangerous, so low-end attackers may not be getting much for their money.ADNFCR-1765-ID-19412910-ADNFCR

Related News:

Zeus botnet performs MySpace spam campaign to spread itself further - 11.20.2009
A sophisticated Trojan dubbed "Zeus" has sent a flood of email messages to MySpace users in an attempt to propagate itself onto more computers, according to researchers at the University of Alabama at Birmingham.

Experts dissect Chrome OS security features - 11.20.2009
Yesterday's release of Google's groundbreaking new cloud-based operating system, Chrome OS, has caused a stir in techie circles, with experts of all stripes rushing to examine the product and issue their judgments.

Microsoft counts Chrome coup with discovery of security flaw - 11.20.2009
Security researchers at Microsoft recently discovered a security vulnerability in Google's controversial Chrome Frame for Internet Explorer, a browser plug-in that simulates Chrome functionality within an Internet Explorer session.

iPhone user sues games maker, claiming to have found hidden spyware - 11.18.2009
An iPhone gamer filed a federal lawsuit against mobile game programmer Storm8 today, alleging that the company violated his privacy by including hidden code in its games that gathered his personal information without permission.

Government watchdog warns of possible IT leaks at Los Alamos - 11.16.2009
The Government Accountability Office has issued a report on data security at the Los Alamos National Laboratory which says that sensitive and highly classified information is vulnerable to outside access.
View Related Resources
Or
Watch an Online Demo
Or
Have us call you now