In March this year, many government agencies around the world were attacked for espionage purposes by unknown botnets (networks of computers used to carry out automated tasks such as spamming). The botnets were termed GhostNets, as they could not be detected.
Analysts say that these programmes are not system-heavy or resource-intensive and become active only when a certain piece of information is present on the system. So, even if you delete the mail after opening it or installing a required plug-in, the bots get installed.
"We have noticed that a few hacker organisations are actively involved in the development and dissemination of the toolset used to create the back door used in GhostNet. This threat, named Backdoor.GhostNet, can easily be created by just about anyone who can use the toolset, which is built to be very easy to use," added Ghosh.
So, how can users safeguard themselves from a threat that can't be detected?
"Users need to know that this is like any other cyber crime and is there to stay. It might change form or mutate in future. They keep their anti-malware software updated irrespective of whether it can detect GhostNets or not. Besides, they can use technologies like reputation services to block access to the source of the malware. Also, never install plug-ins without knowing the URLs," advises Abhinav Karnwal, product marketing manager, APEC at security firm Trend Micro.