The Business of Bots

First there were viruses - malicious code that did something on a computer that the user did not initiate or want. Next there were worms, viruses that could spread themselves using email or by exploiting network or application vulnerabilities. ... What could be worse? What if the originator of the worm could retain control of each infected PC? What if the author of the virus no longer wanted the spotlight? What if the purpose of the worm were to make money and not just to disrupt computers? These what-ifs are no longer speculation; they describe the current nature of botnets. (Schiller, 2007).

     There are underground opportunities for bot-herders to accumulate large sums of money by performing the attacks listed in the previous section for hire. Some bot-herders create web sites dedicated to offering their services. "Security researchers studying the latest Internet crime trends have discovered a new Eastern European website that uses a large botnet to infect vulnerable PCs. The operators of the botnet and website charge clients for each successful PC infection" (Berinato, 2007). This particular site, called loads.cc, is not alone; there are others. Many of these sites are located in countries with lax security control of their top level domains. The cc domain is assigned to a terriroty of Australia but the loads.cc website is believed to originate out of Russia. "The business model behind loads.cc creates several concerns. The botnet is available to anyone, and loads cost only 20 cents each; this could lead to a set of ‘super-infected’ PCs that have several-possibly dozens-of bots loaded onto them" (Berinato, S. 2007).

     Using the collections of infected computers, cybercriminals have gleaned enough personal data to continue identity-theft operations many years, according to Acohido and Swartz, (2008). The economic impact of spamming operations is just as alarming. As stated by Spammer-X, (2004), spammers can easily send thousands of e-mails from different machines and the risk of these spammers being caught is very low when using botnets.

The interest from spammers became so great that hackers began to sell Botnets, and compromised machines became part of a secret underground virtual economy. ... In the beginning the cost was high. For a 200 client Botnet you could expect to pay up to $1,000.00, but as more worms propagated, the price dropped. Soon, exclusive control over 1000 hosts could be bought for as little as $500.00. Now, exclusive control over a single zombie can sell for as little as 10 cents! (Spammer-X, 2004).

     That the business of botnets is exploding is a conclusion that cannot be denied. The number of intercepted botnet communications has grown from a daily figure of 333,023 in June of 2006 to a daily figure of 7,303, 148 by January of 2008.

References