A bot worm is a self-replicating malware program that resides in current memory (RAM), turns infected computers into zombies (or bots) and transmits itself to other computers. A bot worm may be created with the ultimate intention of creating a botnet that functions as a vehicle for the spread of viruses, Trojans and spam.
Typically, bot worms have exploited vulnerabilities in Windows operating systems but attacks are increasingly targeting other types of applications, including antivirus software. In December 2006, a bot worm called Big Yellow exploited a vulnerability in the corporate version of Symantec's security software.
One of the earliest bot worms was Zotob, which exploited a buffer overflow vulnerability, allowing malicious hackers to gather personal and financial information from targeted computers and networks. Sometimes the presence of a bot worm causes the infected computer to repeatedly crash. Often, however, the user of an infected computer may not be aware of the trouble until identity theft has actually caused credit problems or an updated anti-malware program detects the presence of the bot worm.
The best defense against bot worms is to be sure the latest patches are installed in any Windows-based computer exposed to the Internet. In addition, anti-virus and anti-spyware programs should be run and updated on a regular basis.