Even the experts disagree about who among the top botnets is actually top - Kraken, Bobax, Storm or some other.
No matter though, the fact is that these botnets are not run by kids - they're run by criminals - cybercriminal organizations from across the world. They're making money easier than they did robbing banks and stealing cars - or running drugs and scamming shippers; and they're making the money off of YOU!
Well, hopefully not off you, my readers - hopefully you've been listening to me and have not opened anything sent to you unannounced or visiting questionable web sites. You've been running recent firewall software and anti-virus.
But no matter whether you've been doing all the right things or not, today you're vulnerable to having your computer taken over and used by the bad-uglies for their own purposes - and you may not even know that they've done it.
Today's bot-ware is so sophisticated that some of it even eliminates other bot-net software, keeping your system for itself. In some ways this might even be a not too bad situation; "hey - my computer's infected with the new xyzzy botnet and it got rid of all the other crap on my system that was slowing it down something awful - and it guarantees that it will only use 5% of the CPU and my outbound bandwidth on average, and only runs when I'm not at the keyboard, so what the heck - not bad!"
Not only are they sophisticated in their creation of software, they're sophisticated in hiding from the anti-virus vendors and in bypassing firewalls.
But the problem is they're not just targeting "other people" - they're targeting you too. These guys are sly enough to grab your keystrokes and snoop on your passwords, putting the information away for another day so you don't suspect they're going to do anything.
When you have tens or hundreds of thousands of computers, you can send literally billions of spam messages a day without breaking a sweat - and if only a miniscule number of recipients act on them, the bad-uglies are still ahead of the game. And they've gone through your whole computer looking for stuff they can use to social-engineer entry into your bank, your employer, your tennis club, your Boy Scout troup, Air Cadet league, or any other organization you belong to and converse with online. They're looking for anything they can use - and in today's world, the more personal, the better.
Social Engineering is what it's all about:
Finding out your boss' e-mail address so they can send them a "document" that purports to come from you - and actually contains an exploit that will let them suck the payroll account of the business dry - no pay for you!
Finding the address of any children you correspond with so they can sell it to a pedophile or use it themselves to get access to their computers - and find even more children.
Finding the way into any and every aspect of your life - if not for use today, then for use tomorrow as they get more and more specific in their targeting.
Yes, we're no longer dealing just with wholesale spam and non-specific targets, we're dealing with crooks that target specific businesses, organizations and even individuals; currently mostly the largest, but they're working their way down the list towards the rest of us and it won't be long. Couple some of the computer industry's efforts in Artificial Intelligence (AI) and the incredible amount of computing power available in today's "cloud" computing (use of massive numbers of computers as if they were one big computer facility) and add in the fact that the crooks are either becoming smarter or paying the smart people to become more crooked, and you have an epidemic of nasty badness happening.
What does all this mean to you, the general computer user?
What it means is that your continued use of the internet is down to you;
Richard's Digital Rag Daily
http://blog.pacdat.net/article.php/20080414040953899