"Botnets" – One of the Current Business Tools of Cybercrime, Says Report

Panda Software Reports a 175% Increase in New Bots in 2005

According to data just released, Bots (an abbreviation of "robot") have consolidated their position as a major Internet threat in the new malware panorama. From 2004 to 2005 more than 10,000 examples appeared and they represent more than 20 percent of the total new malware detected in 2005. They are often used to make up extensive networks, popularly known as botnets, which are used by their creators to take massive-scale actions, such as sending spam or distributing other malware.

"Botnets are one of the current business tools of cybercrime," explains Luis Corrons, director of PandaLabs, which compiled the data.

"The biggest danger lies in their secrecy," he continued. "A large company could be serving the interests of a group of malware creators without realizing it. Their computers could be at the disposal of these cyber-crooks, and the legal implications that they might create for the company itself."

Bots can infect computers through various tactics, and then go resident, awaiting commands from their creators, normally via IRC. The success of this threat is fuelled by its multipurpose nature -- it can execute any type of order, and even update the vulnerabilities it uses to spread, so that it can improve its chances of infecting computers. The new focus of malware is due to the professionalization of both the creation of malware and the creators' search for financial returns.

For this reason, Corrons said, the number of variants developed in a malware family could stretch into the thousands, a figure far too high for signature-based protection to cope with. For example, in the prolific Gaobot family, more than 6,000 new variants were registered in 2005 alone.

"Botnets are a tool of cybercrime," he continued. "The 'herders' (those that control the botnets) use malware that is distributed across the Internet to capture and take control of new computers. They then hire out the botnet to spammers, blackmailers, and entities motivated by profit, to launch spam, carry out denial of service attacks, distribute spyware, etc. -- a highly lucrative business at the expense of consumers and even corporate networks."

He concludes: "Cybercrime nowadays takes many forms. Perhaps even more dangerous than botnets are the targeted attacks that we have witnessed recently. The recent 'Trojangate' scandal in Israel is a clear example. It is in situations like that where TruPrevent(TM) proactive technologies come into their own, while signature files are completely useless because of the customization and scarcity of unknown malware that rarely reaches antivirus companies. Until now it is a risk that companies have not sufficiently considered, and one they can no longer ignore."

More Stories By Security News Desk

SYS-CON's Security News desk trawls the world of security for news of software, hardware, products, and services that seem likely to be of interest to infosec professionals and summarizes them for easy assimilation by busy IT managers and staff.
