Mumbai: India had the third-highest infection rate of ZeroAccess botnets — a type of computer virus — after the US and Japan, according to a Symantec global report released on Tuesday. While 35% of the infections were observed in the US, nearly 6% of ZeroAccess infections were in India.
ZeroAccess is a sophisticated and resilient botnet, which has been active since 2011. It is also one of the most virulent — with upward of 1.9 million computers infected with it on any given day as observed in August 2013.
Bot-infected computer activities can be classified as actively attacking-bots or bots that send out spam such as spam zombies that are remotely controlled. These are compromised systems specifically designed to send out large volumes of junk or unsolicited email messages.
Earlier this year, Symantec’s Internet Security Threat Report identified that India accounted for nearly 15% of global botnet spam, responsible for disseminating an estimated 280 million spam messages per day worldwide.
A key feature of the ZeroAccess botnet is its use of a peer-to-peer (P2P) command-and-control (C&C) communications architecture. In the ZeroAccess botnet, there is constant communication between peers. Each peer continuously connects with other peers to exchange peer lists and check for updated files, making it highly resistant to any take-down attempts.
ZeroAccess also leverages click-fraud and electronic currency Bitcoin mining to carry out revenue generating activities, potentially earning internet fraudsters tens of millions of dollars per year, the report added.
The click-fraud Trojan downloads online advertisements onto the infected computer and generates artificial clicks on them as if they were generated by legitimate users. These false clicks count for payouts in pay-per-click schemes.
As for Bitcoin mining, the virtual currency holds a number of attractions for cybercriminals. The way each bitcoin comes into existence is based on mathematical operations known as ‘mining’ on computing hardware, the report said, adding that this has a direct value to the ‘botmaster’ and a cost to the unsuspecting victims.