Microsoft Report: U.S. Leads World In Botnet Infections

The U.S. ranks No. 1 in botnet infections around the world, according to the latest release from the Microsoft Security Intelligence Report.

The 240-page Microsoft Intelligence report, which relies on information garnered in the first half of 2010 via the Microsoft Malicious Software Removal Tool for Windows XP, Vista Windows 7, indicated that the U.S. leads the world with more than 2.2 million PCs infected with malware that has incorporated them into a botnet -- a massive network of computers operated by a centralized command and control center.

Brazil came in second, with 500,000 PCs botnet-infected PCs, while Spain ranked third at 382,000. South Korea had the highest proportion of infected computers with 14.6 out of every 1,000 PCs being plagued with some kind of botnet, beating the U.S. in which 5.2 out of every 1,000 computers are incorporated in a botnet.

Statistics in Microsoft's SIR were gathered from detecting and removing botnets from 6.5 million computers around the globe during the first six months of 2010. Of all botnets, the Win32/Rimecud was the most prevalent, responsible for more than three and a half million of total infected machines.

id
unit-1659132512259
type
Sponsored post

However, Microsoft's latest operating system, Windows 7, was found to have lower infection rates than earlier versions of Windows, especially Windows XP. Infection rates for Windows XP SP3 were more than double the infections for Windows Vista SP2, according to the report.

Next: Users Lack Awareness About Botnets

Meanwhile, experts say that the general public is still lacking awareness about basic computer security and threats such as botnets.

Cliff Evans, who heads security at the U.K. division of Microsoft, told the BBC News that "Most people have this idea of a virus and how it used to announce itself. Few people know about botnets."

Once computers are infected by a botnet, they can be accessed by hackers looking to steal personally identifying and financial data, or glean login credentials to infiltrate sensitive accounts. The bot computers can also be used by cyber criminals to distribute spam, phishing attacks that download Trojans and keyloggers and Distributed Denial of Service attacks.

"Once they have control of the machine they have the potential to put any kind of malicious code on there," Evans said. "It becomes a distributed computing resource they then sell on to others."

In recent months, Microsoft has taken steps to further combat the rapidly increasing botnet population. The Redmond, Wash.-based software giant released a detection and removal tool for the Zeus botnet, or Zbot, which specializes in attacks targeting banking and financial institutions.

Next: Microsoft Combats Waledac Botnet

In addition, Microsoft embarked on a collaborative initiative along with other security and academic organizations in an effort to combat the Waledac bot, winning legal control over 276 Internet domains that linked infected computers to the bot's command and control centers.

Earlier this month, Microsoft started on a comprehensive information campaign encouraging governments and organizations to quarantine botnet-infected computers.

Since 2005, Microsoft has also offered a free Malicious Software Removal Tool (MRT), included with Windows XP, Windows Vista and Windows 7, which users can automatically activate to scan and remove a variety of malware from their PCs.