backtop


Print 102 comment(s) - last by Iketh.. on Oct 18 at 2:50 AM


Unbeknowst to you, your computer could be a double agent, committing cybercrime as part of a internet-connected botnet. Over 2.2 million American PCs are part of some botnet, according to Microsoft.  (Source: Ubisoft)
U.S. leads the world in botnet virus infection rates

According to a new 240-page security report from Microsoft dubbed the Security Intelligence Report, America is among the most infected countries in the world when it comes to botnets.  The report uses information collected in the first half of 2010 via the Microsoft Malicious Software Removal Tool.

Over 2.2 million PCs in the U.S. are infected with a virus that makes them part of one of the internet's massive botnets.  The term "botnet" refers to a group of connected computers that can be used for ill purposes such as spamming, distributed denial of service (DDoS) attacks, and mass credit card fraud.

Brazil came in second place for most infected computers, with 550,000 botnet-infected PCs.  Per computer population, though South Korea had the highest rate (though its total number of infected machines is lower than that of the U.S. or Brazil).  In South Korea 14.6 out of 1,000 PCs are in a botnet, versus 5.2 computers out of 1,000 in the U.S.

Cliff Evans, head of security and identity at Microsoft UK, comments to 
BBC News, "Most people have this idea of a virus and how it used to announce itself.  Few people know about botnets."

Fewer people perhaps know about Microsoft's Malicious Software Removal Tool (MRT).  MRT has been is a free tool Microsoft includes with Windows XP, Windows Vista, and Windows 7.  First released in 2005, the tool is easy to run -- just go to "Start", type "run" in the search bar, and then type "mrt" (case insensitive) in the resulting popup.  The tool will then activate and be ready to scan your computer and remove many common types of malware.

Perhaps if everyone learns how to use the MRT, America can escape earning the dubious distinction of being the world's biggest botnet participant in 2011.  Given the general public's ignorance of security, that seems unlikely, though.

Despite the difficulty in getting the public to practice proper security, Microsoft is taking steps to try to win the war against botnet masters on its own.  The company recently seized control over 276 internet domains that were being used by botnet owners.  And it has beefed up the securityof its most recent operating system, Windows 7, making it harder to infect new PCs.



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Nay
By sprockkets on 10/14/2010 3:49:28 PM , Rating: 2
They list it critical for all OS versions except for Server 2003.

And I understand they have to test patches, but Sept went by, then Nov, then Dec, then Jan, then oh wait, I guess we should release the patch now.


RE: Nay
By Luticus on 10/14/2010 4:01:15 PM , Rating: 2
testing is one thing, but what i'm referring to is patch development. it's not as easy as "oh there's a problem, lets poop out a patch. patching can be tricky because usually patching one thing can break others. sometimes figureing out a way to fix a major feature without totally breaking things or crippling your software can be not only tricky and difficult but nearly impossable.

i write code from time to time and patching the hole in the wall applications i write can take me weeks and sometimes months to do. here you have microsoft, a company that writes apps with millions upon millions of lines of code devided in to dev teams that all work different parts of the software and it's a major app that HAS to work in all aspects on TONS of different hardware platforms with many different software configurations. I'm amazed they get most of the patches out in the time frames they do to be perfictally honest!

MS might not be perfect but be reasonable, i think they deserve a little more slack than they get.


RE: Nay
By sprockkets on 10/14/2010 4:28:47 PM , Rating: 2
Well, it doesn't take 5 months to do that.

And they said it would be released in Sept.

It was a critical vulnerability which caused real harm. They should have released that ASAP, not, "oh let's wait till patch Tue in February."

Remember, they released the patch a few days after Google went public. It was ready to go.

Heck, I turn off automatic updates because I HATE when they decide, "Oh, this update is critical, I'm going to reboot your computer for you while you are not looking."


"I mean, if you wanna break down someone's door, why don't you start with AT&T, for God sakes? They make your amazing phone unusable as a phone!" -- Jon Stewart on Apple and the iPhone














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki