The problem of "botnets" on compromised "zombie" computers is increasing, said security group The Honeynet Project.
Botnets are connected PCs that have been remotely taken over by hackers without their owners knowing.
Just 100 active botnets tracked by Honeynet launched 226 distributed denial of service (DDoS) attacks in a three-month period from November 2004 to January 2005.
One of the botnets contained 50,000 compromised zombie machines. In the three-month tracking period, Honeynet detected 226,585 unique IP addresses joining at least one of the channels being monitored.
Since the project sees only a portion of active botnets, Honeynet said that even by conservative estimates "this would mean that more then one million hosts are compromised and can be controlled by malicious attackers".
Botnets are being used for a variety of scams, including spamming, phishing, sniffing network traffic for unencrypted passwords, and remote user keylogging.
"Our research shows that some attackers are highly skilled and organised, potentially belonging to well organised crime structures," Honeynet said.