Online criminals can use a virus to
take control of large numbers of computers at a time, and turn them
into "zombies" that can work together as a powerful "botnet" to
perform malicious tasks. Botnets are highly valued by online
criminals, and have become a serious problem on the Internet.
InformationWeek (Aug.
2, 2007) reported that the current siege by the Storm Worm
is 10 times larger than any other e-mail attack in the last two
years -- amassing a combined botnet army of nearly 2 million
computers
A botnet - also known as a zombie army - is a number of Internet
computers that have been set up to forward transmissions including
spam or viruses to other computers on the Internet. Any such
computer is referred to as a zombie - in effect, a computer "robot"
or "bot" that serves the wishes of some master spam or virus
originator. |
|
Most computers compromised in this way
are home-based and infected without the owners' knowledge. According
to a report from Russian-based Kapersky Labs, botnets - not spam,
viruses, or worms - currently pose the biggest threat to the
Internet. A report from Symantec offers the same conclusion.
Literally hundreds of thousands of computers have been harvested
into Botnets that can distribute spam e-mail and infected greeting
e-card messages, spread viruses, attack other computers and servers,
and commit other kinds of crime and fraud.
Computers that are captured into a zombie army are often those whose
owners fail to provide effective firewalls and other safeguards.
Many home computers have high speed connections that may be
inadequately protected. A zombie or bot is often created through an
Internet port that has been left open and through which a small
Trojan horse program can be left for future activation. At a certain
time, the zombie army "controller" can unleash targeted attacks with
his Zombie army by sending a single command.
Malware and targeted attacks are almost always economically
motivated.
The goal of todays threats is to stay silent and hidden
for as long as possible while stealing confidential and financial
data from infected networks around the world.
Researchers at software security firms have recorded over 400
million spam e-mails luring users to malicious Web sites. Before the
Storm worm began its attack, about 1 million virus-laden e-mails
circulated through the Internet daily. On July 19, the research firm Postini recorded 48.6 million and on July 24 they tracked 46.2
million malicious messages - more than 99% from the Storm worm.
Researchers at SecureWorks reported similar staggering numbers as
well.
SecureWorks researchers noted that the number of zombie computers
captured by Storm worm authors has increased dramatically. During
the first months of 2007, they noted an increase of bot directed
attacks from 2,815 to 1.7 million by the end of July.
Editor's at the SANS Institute (the leading organization in computer
security training) agree that the Storm worm is a very sophisticated
piece of software and it is highly unlikely that it was created just
to send spam.
It's possible that your computer could already have a virus and
be
compromised into a botnet.
A virus that makes your computer into a zombie might cause it to
slow down, display mysterious messages, or work in an unexpected
manner. These viruses usually do not disable your computer because
zombie computers are useless to a bot master unless they can be
operated when connected to the internet
If your computer shows symptoms of virus infection, first make sure
that the software is up to date. If you are running Windows Vista,
Windows XP, Windows 2000, and Windows Server 2003, run the Microsoft
Malicious Software Removal Tool. It checks for infections by
specific, prevalent malicious software and helps remove any
infection found.
Free scans are offered by nearly all of the major security software
providers. Some may only find and identity malware hidden in your
system but request a paid subscription to remove it. Try a couple
different anti-virus programs. If you don't already have an
up-to-date anti-virus program, the small investment is good
insurance. If you're running those Windows browsers, get a free scan
with the
Windows Live OneCare safety scanner. It'll remove infections and
is free for 90 days.
Subscribe to industry standard antivirus software and anti spyware
software, and keep them current
In addition to the basic precautions associated with surfing the web
that we've reviewed a number of times, make certain that you use
licensed software products. Botnets are often comprised mostly of
computers that run illegally copied versions of operating system and
productivity software.
Unlicensed software can be more susceptible to viruses and can even
come with viruses already installed without your knowledge.
With a little extra caution and good up-to-date protection, you
should be able to "Weather the Storm".
... Richard Rossbauer |