Sunday, June 3, 2018

Has ESET discovered anything big in botnets this year?

Yes, our investigation into Operation Windigo resulted in one of ESET’s biggest botnet research projects ever. Our research team uncovered a network of infected servers employed to redirect users to malicious web content, steal credentials, and send spam. We discovered that over the last few years more than 25,000 servers had been infected. At the time of writing our report, more than 10,000 servers were still infected. (Editor: You can download the award-winning research paper on Windigo here.)

What operating system does a bot usually run? Have you seen any botnets on Mac, Linux, or Android?

We have seen malicious software being created for all major operating systems. Regrouping infected devices into networks, or botnets, is feasible for every platform. An example is the Flashback malware, which infected hundreds of thousands of Mac devices.


What is the most effective approach to fighting botnets?

From a technological perspective, there are various ways to fight botnets, starting with anti-malware. We can spot infections in network traffic, in the memory of infected computers or on their hard drive. On the other hand, I think the most effective approach to fighting botnets is education, by raising the awareness around this threat. We need to help everyone realize that if their computer is infected, it might be used to harm others. Thus, whenever an infected computer is found, it needs to be taken offline and cleaned as quickly as possible. Finally, collaboration between users, research groups, internet service providers and law enforcement agencies greatly helps in fighting botnets and bringing the people who operate them to justice.