Where Have all the Bad Guys Gone???

So I am finally fed up with it. Where have all the bad guys gone. I would like to reach out to all of you and let you know that I am starting to run out of side projects.

Since the beginning of 2008 I have seen a huge increase in Automated Blind SQL injection Attacks on websites. I was watching all of these attacks evolve (More on this to come later) into more and more crafty SQL statements attempting to inject a malicious .js file into the SQL database. From what I have been reading up on, Researchers have all agreed that botnets have been increasing almost exponentially over the last few months and are a huge contribution to these SQL injection attacks. Not only was a large part of my day taken up by testing and consulting on all previous compromises, but also in researching and evolving my Pen testing skills to be able to grow in workload to handle these increase in attacks.

Then August came. All of a sudden these attacks have almost come to a halt. My workload has decreased by at least 75% in automated compromises with no apparent warning. From a Security Conference I attended in September, I was informed that a few of the worlds largest botnets have suspended operations to overhaul their entire structure making them more efficient and more powerful. This has been a direct cause for the decrease in automated sql injection attacks, but will resume when activity picks back up within the botnets.

It has been a couple of months now since I have seen the decrease in successful automated SQL injection attacks. If you would have asked me, I would surly would have guessed that things would be "better than ever" in the botnet community by now, but I have not seen it in the end result.

I am waiting patiently for things to be back up to normal and like always would love any ideas/news/opinions on when this is going to happen.