According to Digital Activism, a botnet is a network of automated software controlled and manipulated by a third party, that is, neither the owner of the machine running the bot nor the target of the attack. A botnet can refer to a legitimate group of computers that share program processing. However, the term generally refers to computers running malicious software that was downloaded without the consent of the computer’s owner and is used to make attacks against other systems.
Symantec's MessageLabs Intelligence (MLI) regularly reviews global botnet activity to identify and characterize the top spam-sending botnets. As part of this analysis MLI also collect the IP addresses of computers under the control of each botnet as they are used to send spam. Using all available data, MLI had plotted the geographical locations of these individual bots that make up the major botnets.
This map shows these locations, aggregated to within one degree latitude by one degree longitude grid; the darker red the dot indicates that more bots are active from that location. The top locations are identified as follows:
- a black outline indicates the locations of the top 10 most active bots;
- a gold outline indicates locations where the top 11-50 most active bots are found.
- The percentage of spam sent from each group is also highlighted on the chart.
Reference: Symantec Cloud