Is the Botnet Battle Already Lost?

By Ryan Naraine  |  Posted 10-16-2006

It's dress-down Friday at Sunbelt Software's Clearwater, Fla., headquarters. In a bland cubicle on the 12th floor, Eric Sites stares at the screen of a "dirty box," a Microsoft Windows machine infected with the self-replicating Wootbot network worm.

Within seconds, there is a significant spike in CPU usage as the infected computer starts scanning the network, looking for vulnerable hosts.

In a cubicle across the hall, Patrick Jordan's unpatched test machine is hit by the worm, prompting a chuckle from the veteran spyware researcher.

Almost simultaneously, the contaminated machine connects to an IRC (Internet Relay Chat) server and joins a channel to receive commands, which resemble strings of gibberish, from an unknown attacker.

"Welcome to the world of botnets," said Sites, vice president of research and development at Sunbelt, a company that sells anti-spam and anti-spyware software.

Read the full story on eWEEK.com: Is the Botnet Battle Already Lost