Internet service provider Virgin Media has enlisted the help of volunteer security professionals in order to discover which of its customers’ computers have been compromised by botnets, large networks of malware-infected devices controlled remotely by cybercriminals.
In future the company will inform customers if their PCs have been infected, it announced this week.
Virgin Media says it will compare lists of the IP addresses of infected computers, compiled by such ‘white hat’ organisations as The Shadowserver Foundation, against its customers IP addresses. This will allow it to combat botnets without actively inspecting customers’ devices, which might represent a breach of privacy protection, the company said.
Botnets can be used to conduct a range of cybercriminal activity including denial of service attacks, malware distribution and data theft. Last week, security specialist M86 Security reported that a botnet was recently used to steal more than £675,000 from around 3,000 accounts at one bank.
The IT industry is currently stepping up its efforts to combat botnets. Earlier this year, software giant Microsoft successfully won the legal right to shut down various websites known to be distributing botnet-related malware. At the time, the company said that there are 3.8 million infected PCs in the world.
According to its website, the Shadowserver Foundation is “an all volunteer watchdog group of security professionals that gather, track, and report on malware, botnet activity, and electronic fraud”. Its mission is "to gather data that can be used to help detect malicious networks and protect against them,” the site says.
The number of ‘command and control’ servers (computers used to remotely co-ordinate botnets) detected by the Shadowserver Foundation has risen from around 4,000 to just under 6,000 this year.