Security threats Toolkit

Botnet malware proliferates on Windows PCs

Tags:
Windows,
Malware

Joris Evers CNET News

Published: 25 Oct 2006 09:40 BST

Malicious remote control software continues to be one of the biggest threats to Windows PCs, according to a new Microsoft security report.

More than 43,000 new variants of such insidious software were found in the first half of 2006, making them the most active category of malicious software, Microsoft said in a Security Intelligence Report published on Monday. In June Microsoft also flagged zombies as the most prevalent threat to Windows PCs.

"Attackers, with financial gain in mind, are clearly concentrating a significant amount of development focus on this category of malware," Microsoft said in the report.

Of 4 million Windows PCs found to be infected with some kind of malicious software in the first half of this year, about 2 million were running malicious remote control software, Microsoft said. The data is collected by Microsoft's free Windows Malicious Software Removal Tool, which runs when security updates are installed on Windows PCs.

While the number is high, it is actually a decrease from the second half of 2005, when Microsoft found that 68 percent of infected PCs contained a backdoor Trojan. Meanwhile, hackers are trying harder to make their networks of hijacked computers go unnoticed by moving to new web-based techniques.

A computer compromised by such a Trojan horse, popularly referred to as a zombie PC, can be used by miscreants in a network of bots, or "botnet", to relay spam and launch cyberattacks. Additionally, hackers often steal the victim's data and install spyware and adware on PCs, to earn a kickback from the spyware or adware maker.

Rootkits, which make system changes to hide another piece of possibly malicious software, remain an uncommon threat. There has been a 50 percent reduction in this kind of attack against computers running Windows during the past six months, Microsoft said.

Microsoft introduced the Windows Malicious Software Removal Tool in January last year. An updated version of the program ships monthly with Microsoft's security updates. The tool aims to identify and remove prevalent malicious software from PCs.