Attacks on PCs by botnets – the networks of so-called zombie computers – are becoming more of a problem, with more than a million hosts already controlled by hackers.

That's according to the Honeynet Project, an organisation that sets up PCs to be deliberately affected, which found that "the threat posed by botnets is probably worse than originally believed."

Zombies are computers that have been infected by a virus that puts them at the remote control of the virus writers. They can then be used to nefarious ends such as further virus propagation, spreading spam or mounting denital of service attacks.

The research found that the threats can't be underestimated as they pose "a severe threat" to the wider community. It's more bad news for PC users. Two months ago, the Honeynet Project found that hackers were concentrating almost exclusively on Windows machines.

In its latest research, the project tracked more than 100 active botnets, including one containing 50,000 compromised "zombie" machines.

The report pointed out that "more than one million hosts are compromised and can be controlled by malicious attackers" although it warned that this was a probable underestimate. The company also made an estimate as to the scope of distributed denial of service (DDOS) attacks. In the tracking period, from November 2004 to January 2005, Honeynet detected a staggering 226,585 IP addresses joining at least one of the channels being monitored.

Researchers at the project believe that there is much more work needed in keeping botnets at bay. The report pointed out the range of potential damage, saying: "Our research shows that some attackers are highly skilled and organised, potentially belonging to well organised crime structures... Since botnets pose such a powerful threat, we need a variety of mechanisms to counter it."

Ominously, the report concluded by pointing out that "more research in this area is needed, attackers don't sleep. As these threats continue to adapt and change, so to must the security community."