Microsoft has released its ninth Security Intelligence Report, providing a detailed look at botnets over the first half of 2010. Botnets controlled almost 2.2 million computers in the US during the second quarter of 2010 -- nearly identical to the first quarter. While that's more than any other region in total infections, South Korea had the highest percentage of bot-controlled systems at 14.6 out of every 1,000 PCs, which compares to 5.2 per 1,000 in the US. Spain was the second most infected, with 12.4 systems out of every 1,000 under control of a botnet. Mexico trailed closely with 11.4 per 1,000, but the remaining countries drop to similar or lower levels than the US. In all, Microsoft's antimalware software detected and removed bots from 6.5 million computers worldwide -- two times more than the year-ago period.
Rimecud was the most prevalent botnet according to Microsoft. "Rimecud is a 'kit' family: different people working independently use a malware creation kit to create their own Rimecud botnets. Rimecud is the primary malware family behind the so-called Mariposa botnet, which infected millions of computers around the world in 2009 and 2010," the report said. "Rimecud is a backdoor worm that spreads via fixed and removable drives, and by sending malicious hyperlinks to a victim's contacts via several popular instant messaging programs. Rimecud can be commanded to take a number of typical botnet actions, including spreading itself via removable drives, downloading and executing additional malware, and stealing passwords." A 23-year-old Slovenian citizen was arrested in July for being suspected of writing the malware.