Home
Internet
Internet News
India ranks third among ZeroAccess botnet infected countries: Symantec

India ranks third among ZeroAccess botnet infected countries: Symantec

By NDTV Correspondent | Updated: 4 October 2013 10:19 IST

According to Symantec, the resilient and sophisticated ZeroAccess botnet is one of the largest of its kind in existence, with more than 1.9 million infected computers observable on a given day (statistics from August 2013). The US has the highest infection rate, at 35.1 percent, with Japan number two on the list, with 9.3 percent. As is common in such cases, India is high up on the list, officially third, with 5.6 percent of the global infections.

Earlier this year, Symantec's Internet Security Threat Report Vol 18 - identified that India accounted for nearly 15 percent of global botnet spam, responsible for disseminating an estimated 280 million spam messages per day worldwide.

The cyber-security company says it has been grappling with the ZeroAccess botnet for a while now, and has so far succeeded in 'sinkholing' more than half a million bots, which it calls a 'serious dent' to the number of bots under the attacker's control. Symantec also claims to be actively working with ISPs and CERTs worldwide to share information and help get ZeroAccess bot infected computers cleaned up.

Symantec emphasises the ZeroAccess botnet's most dangerous aspect - its use of a peer-to-peer (P2P) command-and-control (C&C) communications architecture, which gives it a high degree of availability and redundancy. In the ZeroAccess botnet, there is constant communication between peers. Each peer continuously connects with other peers to exchange peer lists and check for updated files, making it highly resistant to any takedown attempts.

Highlighting the moneymaking methods used by ZeroAccess botnet attackers, Symantec said that the botnet leverages click-fraud and Bitcoin mining to carry out two revenue generating activities, and potentially earns its perpetrators tens of millions of USD per year in the process.

Elaborating on click-fraud, Symantec said the Trojan botnet downloads online ads onto the infected computer, and generates artificial clicks on the ads as if they were generated by legitimate users. These false clicks count for pay outs in pay-per-click (PPC) affiliate schemes.

Detailing the abuse of BitCoin mining, Symantec said the virtual currency holds a number of attractions for cybercriminals. The way each BitCoin comes into existence is based on the carrying out mathematical operations known as "mining" on computing hardware. This activity has a direct value to the botmaster and a cost to the unsuspecting victims.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: India, Symantec, ZeroAccess, ZeroAccess botnet, botnet, cyber-security, cybersecurity, internet security, malicious software, malware, virus