Web tools are helping to manage botnets

The easy-to-use tools are being created by malicious and criminal hackers to run the networks of compromised home computers they control, said security firm Websense.

The tools mean hackers can react instantly to what users are doing and re-direct them to fake websites set up to harvest personal data.

This also makes it harder to spot if a PC has been taken over.

Crime spree

The web-based tools put a friendly front end on managing the compromised machines making up so-called botnets.

This makes it a little more friendly and easier to initiate commands Mark Murtagh, Websense

These networks of hijacked home computers can involve as few as 100 PCs but the biggest can call on thousands of machines.

A botnet is a network of Windows machines that have been compromised by a malicious hacker by exploiting security bugs in Microsoft's operating system.

Before now the preferred method of controlling botnets has been using Internet Relay Chat via a server that the malicious hacker or criminal owns.

Although the IRC control system remains behind the friendly graphical point-and-click interface, botnet controllers no longer have to issue commands to control their bot herd.

"This makes it a little more friendly and easier to initiate commands," said Mark Murtagh, technical director at Websense, told the BBC News website.

Instead, botnet owners can issue commands to the machines they control by pointing and clicking. They can even stop machines they control contacting specific websites to prevent them getting updates to close loopholes.

Via these web-based tools the websites visited by unwitting users of compromised machines can be changed moment by moment. Those wanting to do their online banking could be re-directed to fraudulent copies of legitimate sites.

The tools also change the type of traffic passing between controlling server and bot. This makes it harder for firewalls and other security programs to spot and stop communication between the two.

Junk and porn

There have been reports that the controllers of botnets have been hiring them out for a variety of uses.

Up to 70% of spam travels via botnets say security firms

Some are used by spammers to sent huge amounts of junk e-mail, others are used as hosts of pirated or pornographic information.

Many are also used by thieves to spy on a PC's owner and gather biographical data to help commit identity theft or to grab login details for online bank accounts.

Mr Murtagh said the tools made it much easier to divide up and sell time on a botnet as the tools make it easy to group machines via location.

Many net firms are struggling to contain the growth of botnets.

In May it was revealed that one million net addresses used by British net firm Telewest had been blacklisted by anti-spam groups because junk mailers had hijacked them for their own purposes.