Sat 3 Jan 2009
Is Your Computer a Zombie?
Posted by Syd Tash under Featured
No Comments
Botnets are large networks of PCs that have been infected with a rogue program. They then do the bidding of the automated software, or of the hacker directly, who controls the group of computers from afar. The average time to infect an inadequately protected computer is five minutes or less. Once your PC is “owned” by the botnet, it is turned into a zombie without you being aware of anything amiss, at least at first. The hijacked computers are usually used to send out a flood of spam or to infect still more PCs.
Some security organizations estimate that only about 500,000 computers are currently enlisted into botnets. However, Microsoft says they track about 1,000 separate botnets at any given moment. The largest of these controls several million PCs.
The criminals behind these botnets are creating attack programs that are more and more sophisticated and clever. Recently Microsoft came across a botnet attack that was equipped with its own antivirus software. After taking over a computer, this botnet defends its host against competing botnets!
Five to seven years ago, creating botnets was largely a hacker’s pastime. They did it because they could, to show off their programming skills and expose the weaknesses in popular operating systems and programs. Now it’s a business. The bad guys want your credit card numbers, bank login credentials and other passwords.
International cooperation and awareness are mounting, with the FBI and Interpol going after the crooks. Obviously, no one country can succeed in stopping these criminals, as they will just shift their activities to the country with the weakest or no anti-botnet laws.
It can be difficult to tell if your computer has been turned into a zombie. One telltale sign is a slow, sluggish machine. But there can be other reasons for this. Check your security programs. Can you update them? If not, something is very wrong. Is your connection speed much slower than usual? Again, there could be other causes. Are you getting more “bounced” emails than normal? We all get some; this is just spam, not real returned messages.
But if you are getting a lot more than usual, it could be because your computer is sending out a deluge of junk emails. Do not open these returned messages. It could (further) infect your computer. Just delete them. Here is a surefire way to tell you have a serious problem: your ISP cuts off your connection, because your PC is sending out a flood of junk emails.
Defending against this type of threat is the same as protecting yourself from all other Internet threats. Keep your security programs up to date and run them on a regular schedule. Add a rootkit detector to your defenses. Read what it is and does, and get one free, here:
http://mypcsecurityblog.com/featured/this-is-the-rootkit-of-all-evil
If your computer is going to be idle for an hour or so, why not launch and run one of your security scans? Do this a few times a day, rotating through your antivirus, antispyware and antirootkit programs. This will increase your confidence that your machine is clean. Or it will provide early warning that you have an infection.
Syd Tash is a longtime computer security consultant, author, and founder of
The SaferSurfing Project. He has been keeping Web surfers like you safe and secure since the last century. Find out how to keep yourself safe online and do your part for a more secure Internet. Join the SaferSurfing Project here
=> http://SaferSurfingProject.com
You may include these Tips in your Web sites and publications provided they remain unchanged and include the above paragraph, with the author’s name and Web site. You can also get a direct URL to this post. Click the title, then copy the URL in the browser address bar.
