
Botnets, the rogue invaders of cyberspace

Allan Nam

These viruses can cripple business competitors and generate spam e-mail and host sites that extract financial information from the unsuspecting

ANTI-VIRUS SOFTWARE vendors regularly sound the alarm as new viruses or new variants of old viruses are released. One of last week's highlights was two waves of e-mails bearing multiple fresh versions of the Bagle Trojan horse.

Launched on consecutive days by an unknown attacker, these latest versions of the Bagle Trojan horse run when an unsuspecting victim opens the executable attached to the spammed e-mail. Once on a PC, they attempt to turn off anti-virus and security software, block access to security websites, and remove rival malicious code from the machines they have penetrated.

According to anti-virus vendor Sophos, the attacks started about the same time on Monday and Tuesday last week and lasted for several hours on each occasion, attempting to infect as many PCs as possible around the world.

These kinds of sophisticated attacks represent the sharp end of a growing illicit trade in botnets - networks of compromised or zombie computers that, unknown to their owners, are under the control of hackers and up for hire to perform nefarious tasks.

Botnets can be created by Trojan horses (malicious code disguised as harmless executable files) and by worms, or mass-mailing viruses, either of which leaves a bot on the compromised computer. The bot stands ready to respond to commands from the attacker relayed through an IRC (Internet Relay Chat) server. Once in the system, the bot may also start searching for other PCs to compromise, expanding the network.

'These are often used to send spam, launch new virus campaigns, spy on others or launch denial-of-service attacks,' said Charles Cousins, managing director, Sophos Asia. Mr Cousins said his company estimated that more than 50 per cent - a conservative figure - of all spam today originated from zombie computers.

Over the past year, another worrying trend that has emerged is for botnets to be deployed in extortion schemes - targeting online businesses with denial of service. Such attacks jam a server with an overwhelming number of requests, forcing it offline.

In the United States, there were three reported cases of online credit card processing companies being hit by denial-of-service attacks in April and September last year after refusing extortion demands. The website of one of the credit card companies was reportedly attacked for more than a week.

Last year also brought the first reports of a corporation hiring botnets to cripple its rivals, with the chief executive of a satellite TV dealership based in Massachusetts being indicted for allegedly launching denial-of-service attacks on the websites of three rival firms, causing an estimated US$2 million in lost business. In Europe, similar attacks on online betting websites by crime rings based in Eastern Europe were investigated by Britain's National Hi-Tech Crime Unit.

Botnet creators are also believed to be partly responsible for the growing threat of 'phishing' scams targeting individual computer users. They have the ability to both generate large quantities of spam e-mails and host imitation sites that extract financial information from the unsuspecting user. Mr Cousins believes available security measures are adequate for dealing with bots, if a user properly installs, configures and updates his or her software.

'Users need to ensure that their security patches are up to date, their anti-virus is up to date, their firewall is turned on and set to its maximum setting without compromising the normal use of the computer. People should also ensure that they practise safe computing, which means not visiting dodgy sites or following links from unsolicited e-mails.'

For companies caught in the crossfire as hackers try to create or extend their botnets, Sophos has released a new product called ZombieAlert.

'It advises service subscribers when any computer on their network is found to have sent spam to Sophos's extensive global network of spam traps, and provides rapid notification to customers if their IP [internet protocol] addresses are listed in public Domain Name Server Blackhole Lists. This information helps customers locate, disinfect, and protect these systems from future attacks,' Mr Cousins said.
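The second half of that check, whether one of your own IP addresses has landed on a public DNS blackhole list, is something any administrator can run without a vendor product. The example below is added here and is not Sophos code; it builds the reversed-octet lookup name, interprets the 127.0.0.0/8 answer a list returns for a listed address, and runs offline against a constructed resolver (the zone `dnsbl.example` and the `127.0.0.2` code are placeholders; real lists publish their own zones and return codes).

```python
import ipaddress
import socket
from typing import Callable, Dict, Iterable, Optional

# Placeholder zone; real blocklist zones differ and document their own codes.
DNSBL_ZONE = "dnsbl.example"


def dnsbl_query_name(ip: str, zone: str = DNSBL_ZONE) -> str:
    """Build the lookup name: IPv4 octets reversed, then the list's zone."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError on malformed input
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}.{zone}"


def is_listed(answer: Optional[str]) -> bool:
    """A DNSBL signals 'listed' with an A record inside 127.0.0.0/8;
    NXDOMAIN (no answer, passed here as None) means not listed."""
    if answer is None:
        return False
    return ipaddress.IPv4Address(answer) in ipaddress.IPv4Network("127.0.0.0/8")


def live_resolve(name: str) -> Optional[str]:
    """Real lookup through the system resolver; NXDOMAIN becomes None."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None


def check_egress_addresses(ips: Iterable[str],
                           resolve: Callable[[str], Optional[str]],
                           zone: str = DNSBL_ZONE) -> Dict[str, str]:
    """Return {ip: return_code} for every address the list currently flags."""
    flagged: Dict[str, str] = {}
    for ip in ips:
        answer = resolve(dnsbl_query_name(ip, zone))
        if is_listed(answer):
            flagged[ip] = answer
    return flagged


# Constructed, offline stand-in for DNS: one egress address is listed
# (a spam trap saw mail from it), the others return NXDOMAIN.
CONSTRUCTED_LIST = {"7.2.0.192.dnsbl.example": "127.0.0.2"}
EGRESS_IPS = ["192.0.2.7", "192.0.2.8", "198.51.100.23"]


def fake_resolve(name: str) -> Optional[str]:
    return CONSTRUCTED_LIST.get(name)


if __name__ == "__main__":
    for ip, code in check_egress_addresses(EGRESS_IPS, fake_resolve).items():
        print(f"{ip} is listed (code {code}): locate and disinfect the host behind it")
```

Swap `fake_resolve` for `live_resolve` and a real list zone to run it against your own egress addresses; a hit points at the NAT or mail gateway, so the infected host still has to be traced from the internal logs.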
