Cybercriminals shrinking botnets to foil detection

Cybercriminals are downsizing their botnets to try to trick software security companies.

Criminally controlled botnets are typically operated remotely, with their creators usually trying to build the largest possible network of compromised computers, which are then rented out to gangs for as little as US$100 for a couple of hours.

But researchers at antivirus company F-Secure have reported seeing these large networks being broken down into smaller groups of compromised computers because building larger botnets is not generating as much revenue for such cybercriminals.

Mika Stahlberg, program manager of the security response team at F-Secure, said the company is still seeing big botnets around the world but coders are no longer trying to build the largest zombie network they can because it does not make them any more money than a collection of smaller botnets.

The botnet bandits are also erring on the side of caution by steering away from larger botnets: should a central server controlling such a network go down, the whole botnet can be lost, according to F-Secure.

Stahlberg added: "These people don't want to put all their eggs in one basket and are therefore running smaller botnets."

The malware writers are also getting lazy, according to F-Secure, and are no longer attempting to catch out companies by using increasingly complex viruses.

Sean Sullivan, technical expert at F-Secure, said virus writers can no longer beat security companies with complicated codes and are therefore trying to do it by creating "malware factories" which swamp the antivirus vendors.

Sullivan added: "It used to be a big event when a virus came along but now we get 10,000 [malware samples] a day, most of which are variations on the same code."

Gemma Simpson reported from London for silicon.com.
