Bredolab botnet revealed by Kaspersky Lab analyst

According to Kadiev, the botnet emerged in mid-2009 and comprised some 30 million infected computers all over the world. Then, in October, the Dutch police force's cybercrime department announced the shutdown of 143 Bredolab botnet control servers.

Bredolab's main purpose, he says, is to download other malicious programs onto victim computers. One of the botnet's most distinguishing features was its method of operation: legitimate websites that had been hacked were used to spread the botnet's payload.

Visitors to these websites, he adds, were redirected to malicious resources, which resulted in their computers being infected with Backdoor.Win32.Bredolab.

"In turn, Bredolab downloads other malicious programs, including a trojan that steals passwords to FTP accounts. After some time, the website for which the account details were stolen also becomes infected", he said in his analysis.

Due to its complexity, Kadiev says that the Bredolab botnet was most likely controlled by more than one person.

"However, at this point only one cybercriminal has been arrested in connection with this botnet", he noted.

Kadiev went on to say that the owners of the Bredolab botnet created and controlled a network of over 30 million zombie computers that functioned over a long period of time.

In order to keep the botnet alive, the cybercriminals skillfully and effectively concealed the botnet's command centre using fast-flux network techniques.

"This scheme not only provided reliable sustainability for the botnet's command centre, it also simplified management of malicious content: instead of having to manage malicious sites on multiple nodes, all the cybercriminals had to do was place one such site on the command and control centre and set up redirectors", he explained.
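Fast-flux hides a command centre behind a pool of constantly changing proxy addresses, so the defender-side signal is in DNS: short TTLs plus a stream of unrelated resolved addresses for one name. The heuristic below is an added example, not code from the article or from Kaspersky Lab; the domains, addresses and timestamps are constructed, the thresholds are illustrative, and the /16 prefix count stands in for an ASN lookup so the script runs offline.

```python
"""Flag fast-flux candidates from passive-DNS style observations (added example)."""
from collections import defaultdict
from dataclasses import dataclass

# Constructed observations: (queried name, epoch seconds, resolved IPv4, TTL seconds).
# All values are invented for illustration.
OBSERVATIONS = [
    ("redirect.example-flux.test", 0,   "203.0.113.10",   120),
    ("redirect.example-flux.test", 180, "198.51.100.7",   120),
    ("redirect.example-flux.test", 360, "192.0.2.55",     120),
    ("redirect.example-flux.test", 540, "203.0.113.99",   120),
    ("redirect.example-flux.test", 720, "198.51.100.200", 120),
    ("cdn.legit-site.test",        0,    "203.0.113.50",  3600),
    ("cdn.legit-site.test",        3600, "203.0.113.50",  3600),
    ("cdn.legit-site.test",        7200, "203.0.113.51",  3600),
]


@dataclass
class FluxStats:
    distinct_ips: int
    distinct_prefixes: int   # distinct /16 prefixes, a crude stand-in for ASN diversity
    mean_ttl: float
    ip_churn_per_hour: float
    suspicious: bool


def prefix16(ip: str) -> str:
    return ".".join(ip.split(".")[:2])


def fast_flux_stats(observations, max_ttl=300, min_ips=5, min_prefixes=3):
    """Group observations by name and score each name against the flux heuristics."""
    by_name = defaultdict(list)
    for name, ts, ip, ttl in observations:
        by_name[name].append((ts, ip, ttl))
    result = {}
    for name, rows in by_name.items():
        ips = {ip for _, ip, _ in rows}
        prefixes = {prefix16(ip) for ip in ips}
        mean_ttl = sum(ttl for _, _, ttl in rows) / len(rows)
        timestamps = [ts for ts, _, _ in rows]
        span_hours = max(1.0, (max(timestamps) - min(timestamps)) / 3600)  # floor at 1h
        suspicious = (mean_ttl <= max_ttl and len(ips) >= min_ips
                      and len(prefixes) >= min_prefixes)
        result[name] = FluxStats(len(ips), len(prefixes), mean_ttl,
                                 len(ips) / span_hours, suspicious)
    return result
```

A legitimate CDN also rotates addresses, so treat a hit as a lead to correlate with proxy logs and the redirect chain, not as a verdict on its own.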

One of the key features of the Bredolab botnet, says the Kaspersky malware analyst, is the closely repeating cycle the botnet used to build up its zombie networks, in which infected computers subsequently infected websites, which in turn infected new victim computers.

"Furthermore, the search for new ways to redirect users to malicious domains was ongoing. The main source of threat in this instance was the infected websites that, when visited, would download malicious programs. Information from the infected user computers could then be used to infect new websites", he says.

To better defend against this and other botnet infections, Kadiev recommends that internet users promptly install updates and patches for operating systems and third-party applications, as most exploits and worms take advantage of software vulnerabilities for which patches are already available.

In addition, he recommends that users also install a proprietary anti-virus program and keep the anti-virus database up to date.

"Anti-virus programs are not a panacea, but they can significantly minimise the risk of computer infection", he said, adding that internet users should also avoid clicking on links in spam emails, in instant messaging apps and in messages on social networks from people they are not familiar with.
