More than 2 million PCs in the U.S., or just over 5 out of every 1,000, were recruited into botnets during the second quarter of 2010, according to a Microsoft report released last week. Botnets are networks of unsuspecting computers, dubbed zombies, that have been infected by malicious software, or bots. Cyber-criminals control and use those computers through the bots to launch spam, viruses, and phishing attacks against other PCs over the Internet.
Microsoft issued its latest Security Intelligence Report, indicating that botnets pose the biggest problem for security teams attempting to defend websites, networks and end user devices from malware infections.
Volume 9 of the Microsoft Security Intelligence Report lays out evidence that while there has been some success in breaking up major botnets, more action is needed if security teams ever expect to see a major decline in botnet malware infections. Microsoft said it cleaned more than 6.5 million computers of botnet infections in the first half of 2010, double the amount for the same period a year before.
The U.S. had the most botnet infections, with 2.2 million in the first half of 2010, ahead of second place Brazil with 550,000 botnet infections, according to the report. Meanwhile, Spain held the top spot in Europe with 382,000 botnet infections, followed by France, the U.K. and Germany.
Nearly every piece of malware Microsoft identified in the first half of 2010 could be traced back to a major botnet. Worms increased in prevalence the most over the past four quarters, tying Trojans in prevalence in the second quarter of 2010. In addition, some malware contains hundreds and sometimes thousands of different variants, designed to slip past traditional security technologies and remain virtually undetectable on systems.
To better protect PCs from malware, Microsoft and River Run advises individuals and businesses to make sure to update their PCs with the latest patches, download the latest antivirus definitions, and use strong and secure passwords. Just last week, Microsoft launched a record number of patches to fix 49 different security holes, including one used by the Stuxnet worm.