Malicious bots are becoming quite common, with six out of every ten computers scanned by the Windows Malicious Software Removal Tool found to be infected, Microsoft said Monday. Altogether, the application has removed malicious bots from about 3.5 million PCs.
Social engineering attacks were found on 35 percent of machines, and rootkits were also an issue on 14 percent of the PCs scanned.
Yes, bot-nets (grey-nets, etc.) are a growing problem, as are trojans, which represent 85 percent of malware found on PCs recently.
The reason for this is twofold. One: social engineering apparently works; the vast number of users do not have the right attitude toward malware or lack the knowledge to secure themselves properly. A sorry state of affairs, actually.
I do not exactly know the reasons for the existing situation, but parties that govern the internet are unable to stamp out the spreading of malicious programs like spyware, foistware, and spam, which are a nuisance and source of damage to many a user.
Either the problem is ignored, because programs like Zango, Webhancer etc. are still being tolerated. Lawmakers seem to take a very dubious attitude versus these “profiteers”, and in such a way will continue the situation at hand. It is an ongoing struggle, and sometimes the undoers-of-evil book little successes (look here for a person who did a lot of good work in this field: http://www.benedelman.org/news/010205-1.html).
Unless Big Media is willing to take out their rotten apples themselves, we are far from a solution, and spy- and trackware, and spam is going to hunt us for years to come.
I think this report uses a little bit of Fuzzy Math:
The Microsoft report says that, on average, 1 piece of malware is removed from every 311 PCs scanned:
"On average, the tool removes at least one instance of malware from every 311 computers it runs on."
How does that become (in your article), “with six out of every ten computers scanned by the Windows Malicious Software Removal Tool found to be infected [with a malicious bot]”?
It sounds like 1 out of 311 PCs are infected to me. The “6 out of 10” figure was, I assume, derived from the statement that 62% of infected PCs are infected with a backdoor trojan. So, that’s 62% of 1/311, which is 0.2% of PCs scanned, or 0.02 out of 10.
Yes, BetaNews do appear to have mangled the figures. The original MS report is clearer:
The MSRT has removed 16 million instances of malicious software from 5.7 million unique Windows computers over the past 15 months. On average, the tool removes at least one instance of malware from every 311 computers it runs on.
Thus, of the 5.7 million unique computers from which the tool has removed malware, a backdoor Trojan was present in 62% of computers. Bots, a sub-category of backdoor Trojans which communicate through the Internet Relay Chat (IRC) network, represent a majority of the removals.
Like I said, Fussy Math ;D ;D ;D
Statistics are great for proving your point on any subject through number crunching.
Unfortunately, they are usually slanted in favor of the side crunching the numbers.
Now factor in the normalized XP SP2 installs and the amount is laughable. Oh BTW check out (after doing the math) the ridiculously low amount of exploit based infections on normalized XP SP2. Why are the normalized results important? Because the far majority of PCs being reported are XP SP2 due to the fact that XP SP2 enables Windows Updates Automatically.