Your client or your PC might be a zombie in a Botnet
Posted: 04 Sep, 2008
by: Customer Service :: S.
Updated: 04 Sep, 2008
by: Customer Service :: S.

According to the Shadowserver Foundation (a volunteer watchdog group of security professionals that gathers, tracks, and reports on malware, botnet activity, and other forms of electronic fraud), the number of compromised zombie PCs in botnet networks has quadrupled over the last three months.

In June 2008 the Shadowserver Foundation had discovered more than 100,000 computers that were part of botnet networks. By the end of August 2008 this figure had exceeded 450,000 computers, which are now run by cyber criminals.

The rise in the number of botnets has been accompanied by a fall in the number of so-called command and control (C&C) servers tracked by the Shadowserver group, suggesting that cyber criminals are concentrating their resources. As their name implies, the C&C servers control all the computers linked to them.

The rise is believed to be associated with booby-trapped Web sites which infect the PCs of visitors. When someone visits an infected Web site, their browser is detected and attacked. The visitor is unaware that a keylogger may have been installed on their PC, which can send sensitive information, including their passwords, to the hacker(s).

The cyber criminal(s) use a program that instantly installs the malicious software. This is how a PC is hijacked and becomes part of a botnet. For cyber criminals, this is a more effective way to recruit new computers than relying on sending viruses out via email messages. Inside this initial attack program is code that directs it to contact a C&C server, which then downloads software rendering the PC completely under the control of a botmaster.

Cyber criminals are getting more maliciously innovative in their recruitment of new computers to create a resource that they can use, rent, or sell to other cyber gangs.

Botnets and geographical location(s)
The computers in any individual botnet can be spread across many different countries.

Botnets and spam
The vast majority of spam is routed through the hijacked computers forming a botnet. The collection of PCs is often used to launch attacks on other Web sites, as anonymous storage for stolen data, and to help with phishing scams.

Botnets and Internet attacks
Botnets can be utilized to launch attacks on other systems and/or networks by completely saturating their bandwidth and/or other resources. Such DDoS (Distributed Denial of Service) attacks can prevent access to a particular website for incredibly long periods of time. This places a tremendous burden on many businesses that are unable to reach out to their customers.

DDoS attacks are possible because a botnet gives a malicious criminal unimaginable network resources. With the capability of establishing many connections from many individual network sources, mitigating such attacks becomes difficult.

For more information about botnets, visit the Shadowserver Foundation's Web site.
