Nominum analyzed customer data from around the world to find the top cyber threats, ranked by degree of infection. The result was a mix of new, modern bots and legacy bots.
Top 10 Bots/Cyber Threats
Some top regional bots did not make it onto the global top bot list. For example, Spyeye was a top threat with higher infection rates than its competitor Zeus in the EMEA region, but Zeus was more popular in the APAC and LATAM regions.
We also observed some new tricks and technologies being widely adopted to improve bots' operational efficiency and resilience:
- Many newly registered domain names were involved with spamming activities.
- More and more bots started moving their command and control center and other servers to the cloud.
- Shylock, for example, started to inject fake contact phone numbers as a new social engineering trick to steal customers’ sensitive information, since people usually put more trust in live “customer service” personnel.
The DGA (Domain Generation Algorithm) technique gained popularity among top bots, from Conficker to Ramnit, as a way to create large numbers of random domain names to avoid detection.
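A defender can look for the DGA behavior described above in resolver logs. The sketch below is an added example, not Nominum's method: it flags clients that fail to resolve several distinct random-looking names, assuming that most generated names are unregistered and therefore return NXDOMAIN. The log format, thresholds and sample lines are constructed for illustration.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log lines: "<time> <client> <qname> <rcode>"
SAMPLE_LOG = """\
12:00:01 10.0.0.5 xkqjvhzpwtrm.com NXDOMAIN
12:00:01 10.0.0.9 www.example.com NOERROR
12:00:02 10.0.0.5 qzpfwmxkvbtd.net NXDOMAIN
12:00:02 10.0.0.9 exampel.com NXDOMAIN
12:00:03 10.0.0.5 hjvkqwzxpnrt.org NXDOMAIN
12:00:04 10.0.0.5 bwqzjxkvmpth.info NXDOMAIN
12:00:05 10.0.0.9 mail.example.org NOERROR
""".splitlines()

def shannon_entropy(label):
    """Bits per character of the label's character distribution."""
    counts = Counter(label)
    n = len(label)
    return -sum(c / n * math.log2(c / n) for c in counts.values())

def looks_generated(qname, min_len=10, min_entropy=3.0):
    """Heuristic with assumed thresholds: long, high-entropy label."""
    labels = qname.rstrip(".").lower().split(".")
    if len(labels) < 2:
        return False
    # Simplification: take the label left of the TLD (no public-suffix list).
    label = labels[-2]
    return len(label) >= min_len and shannon_entropy(label) >= min_entropy

def suspect_clients(lines, min_names=3):
    """Clients with >= min_names distinct random-looking NXDOMAIN names."""
    failed = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed lines
        _, client, qname, rcode = parts
        # Entropy alone also fires on long real words, so require NXDOMAIN
        # and count distinct names per client before flagging.
        if rcode == "NXDOMAIN" and looks_generated(qname):
            failed[client].add(qname.lower())
    return {c: sorted(n) for c, n in failed.items() if len(n) >= min_names}

if __name__ == "__main__":
    for client, names in suspect_clients(SAMPLE_LOG).items():
        print(client, len(names), names)
```

On the sample, only 10.0.0.5 is flagged; the single mistyped name from 10.0.0.9 stays below both the length and the count thresholds.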