PandaLabs has detected more than 10,000 new bots in 2005

Bots have emerged as the most prolific type of malicious code during 2005. According to data from PandaLabs, more than 10,000 new examples have appeared during this year alone. Bots (or robots) are automated worms or Trojans that install themselves on computers to automatically carry out certain action, such as sending spam, turning the computer into what is commonly known as a “zombie’.

According to Luis Corrons, “Viral activity on the Internet is, at present, exceptionally high, although the principal danger is no longer fast spreading email worms but unknown malicious code that can be used for stealing confidential data as part of online fraud routines. The creators of malicious code now concentrate their efforts on obtaining financial returns, which explains the enormous proliferation of bots, a type of malware highly suited to this purpose. Evidently, a wide-scale epidemic that attracts the interest of users and the media is not in their interests, as the aim is to ensure their creations infiltrate computers without people knowing in order that they can operate maliciously for a long as possible. Most of the 10,000 new bots that we have detected in 2005 were rooted out thanks to TruPreventTM Technologies, which can determine the presence of malicious code with no need for updates.”

Many bots are designed to receive and execute remote attack orders. For this reason they can take a wide range of actions depending on the requirements of their creator: attacks on other computers, downloading malicious code onto the computer, etc. In general, the aim of the creators of bots is not to infect a single computer but to create a network of computers infected with a specific bot. This can generate considerable profits, as, for example, spyware installed on numerous computers would return a host of data. This data can then be sold on to unscrupulous marketing companies for considerable sums of money.

There are several ways to install bots on systems including exploiting browser vulnerabilities that allow automatic download and execution of files when visiting a web page. The distribution method is the most dangerous aspects of bots, as many unknown specimens are installed on numerous computers the world over, with both users and security companies unaware of their existence. Given that traditional antiviruses can only tackle previously identified threats, they are unable to deal with unknown bots. Proactive technologies are needed to combat the threat as they are able to establish the presence of unknown malicious code on the system. For example, TruPreventTM proactive detection technologies from Panda Software, have, since August 2004, detected more than 23,000 unknown malicious codes, including thousand of bots.

“Proactive technologies have ceased to be simply an option and are now a genuine necessity. Those who don’t have them, given the present Internet situation, are running a serious risk and will always be one step behind virus creators who look to exploit those computers that don’t have this type of protection. The question is not to replace current antivirus technologies -which are the most effective answer to known threats- but to provide an extra layer of protection to reduce the chance of either known or unknown malicious code entering the computer to a minimum.” explains Corrons.

About PandaLabs

Since 1990, its mission has been to analyze new threats as rapidly as possible to keep our clients save. Several teams, each specialized in a specific type of malware (viruses, worms, Trojans, spyware, phishing, spam, etc), work 24/7 to provide global coverage. To achieve this, they also have the support of TruPreventâ„? Technologies, which act as a global early-warning system made up of strategically distributed sensors to neutralize new threats and send them to PandaLabs for in-depth analysis. According to Av.Test.org, PandaLabs is currently the fastest laboratory in the industry in providing complete updates to users (more info at www.pandasoftware.com/pandalabs.asp).