IT security major Symantec on Tuesday said India ranks third among infected countries based on botnet attacks.
Symantec takes the first step in combating the ZeroAccess botnet by sinkholing more than half a million bots.
ZeroAccess, a botnet active since 2011, is one of the largest known botnets in existence – with upwards of 1.9 million infected computers on a given day as observed in August 2013.
“While 35 percent of the infections were observed in the US, India had the third highest infection rate globally, just behind US and Japan. Nearly six per cent of ZeroAccess infections were observed in India,” Symantec said.
Earlier this year, Symantec’s Internet Security Threat Report Vol 18 – identified that India accounted for nearly 15 percent of global bot-net spam, responsible for disseminating an estimated 280 million spam messages per day worldwide.
Symantec is working with ISPs and CERTs worldwide to share information and help get ZeroAccess bot infected computers cleaned up. Symantec continues to devote the resources of security experts – as well as the largest, most sophisticated global intelligence network in the world – to investigate security threats in order to keep customers – from individual consumers to global corporations – informed and protected.
Symantec says a key feature of the ZeroAccess botnet is its use of a peer-to-peer (P2P) command-and-control (C&C) communications architecture, which gives the botnet a high degree of availability and redundancy. In the ZeroAccess botnet, there is constant communication between peers. Each peer continuously connects with other peers to exchange peer lists and check for updated files, making it highly resistant to any take-down attempts.