The Botnet vs. Malware Relationship
The one-to-one botnet myth
Published: June 2009

A common misperception of cyber-crime botnets is that a one-to-one relationship exists between a malware bot agent and an individual botnet. Even if this had been a true statement back when botnets first began to appear, it is not true today. The key is the development of commercial build-it-yourself malware kits. These professional-grade tools lower the entry-level requirements for creating a malware bot agent, constructing a Command-and-Control (CnC) structure, and controlling the resultant botnet.

As a result, sophisticated botnets are well within the grasp of any technically savvy user who knows how to use an Internet search engine and build a Web site. To keep up with this evolving threat, enterprise organizations must change their focus from identifying malware by name to identifying the criminals behind individual botnets.

    Copyright 2001-2009 © Gunter Ollmann