The 8 largest botnets of all time

Europol recently broke up a network of hackers controlling over 3 million infected computers around the world. The operation targeted the Ramnit botnet, which had been infecting computers since 2012. It is not the first botnet of this scale: when their report on the most active threats in February was published, ESET experts presented the eight largest zombie computer networks of recent years.

Botnets, or networks of zombie computers that execute cybercriminals' commands, are responsible for sending spam and spreading malicious software. Controlling a large botnet gives cybercriminals the ability to send billions of spam messages or carry out mass attacks on servers, such as those of banks.

Although networks of zombie computers are responsible for a large number of attacks, Internet users' awareness of them is relatively low. Which botnets were the best known, and which caused the most damage? ESET experts answer this question.

Grum - Grum was established in 2008 and within four years became responsible for 26% of the world's spam traffic. At the peak of its activity in 2010, it was able to send 39.9 billion messages a day, making it the largest botnet in the world at that time.

ZeroAccess - ZeroAccess is one of the recently discovered and shut-down botnets. It is estimated that it controlled over 1.9 million computers around the world. Its purpose was to generate fake clicks on advertising banners and thereby earn revenue from advertising that is billed per click. The botnet also mined bitcoins, and in doing so it used as much energy on infected computers as would be needed to supply 111 thousand houses.

Kraken - The Kraken botnet is said to have infected 10% of all companies in the Fortune 500 ranking. It controlled almost 500,000 computers, and each of them was able to send as many as 600,000 e-mails a day.

Windigo - The Windigo botnet was discovered last year by ESET experts, after remaining undetected for 3 years. Since the beginning of its activity, it has infected 10,000 Linux servers and used them to send 35 million spam e-mails daily. Interestingly, the botnet sent three different forms of malware, depending on the receiving device's operating system: malicious software for Windows computers, dating site ads for Mac OS X users, and pornographic content for iPhone users.

Storm - The size of the Storm botnet varied between 250,000 and 50 million computers. Detected for the first time in 2007, it owes its name to the subject line of the spam message it sent. It is recognized as one of the first peer-to-peer botnets (the controlled computers were not managed from one central server). Its goals were stock price fraud and identity theft.

Cutwail - The botnet controlled up to 2 million computers in 2009, sending 74 billion spam messages a day, or nearly one million per minute. That amounted to 46.5% of the world's total spam volume at that time. In 2010, researchers at the University of California, Santa Barbara and the Ruhr University in Bochum shut down two-thirds of the Cutwail botnet's servers.

Srizbi - The Srizbi botnet was active for only a year or two, but during that time the computers under its control were responsible for 60% of all spam in the world - 60 billion e-mails per day in 2007-2008. When its host was shut down, the amount of spam around the world dropped by 75%.

Metulji and Mariposa - The Metulji and Mariposa botnets each infected over 10 million machines, making them the largest botnets in terms of reach. It is believed that Metulji was used to steal passwords, credit card numbers and social security numbers worth millions of dollars in total.

source: eset.pl


