Language Selection

English French German Italian Portuguese Spanish

An Army of Soulless 1's and 0's

Filed under
Security

For thousands of Internet users, the offer seemed all too alluring: revealing pictures of Jennifer Lopez, available at a mere click of the mouse. But the pictures never appeared. The offer was a ruse, and the click downloaded software code that turned the user's computer into a launching pad for Internet warfare.

On the instructions of a remote master, the software could deploy an army of commandeered computers - known as zombies - that simultaneously bombarded a target Web site with so many requests for pages that it would be impossible for others to gain access to the site.

And all for the sake of selling a few more sports jerseys.

The facts of the case, as given by law enforcement officials, may seem trivial: a small-time Internet merchant enlisting a fellow teenager, in exchange for some sneakers and a watch, to disable the sites of two rivals in the athletic jersey trade. But the method was far from rare.

Experts say hundreds of thousands of computers each week are being added to the ranks of zombies, infected with software that makes them susceptible to remote deployment for a variety of illicit purposes, from overwhelming a Web site with traffic - a so-called denial-of-service attack - to cracking complicated security codes. In most instances, the user of a zombie computer is never aware that it has been commandeered.

The networks of zombie computers are used for a variety of purposes, from attacking Web sites of companies and government agencies to generating huge batches of spam e-mail. In some cases, experts say, the spam messages are used by fraud artists, known as phishers, to try to trick computer users into giving confidential information, like bank-account passwords and Social Security numbers.

Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems. One case under investigation, officials say, may involve as many as 300,000 zombie computers.

More than 170,000 computers every day are being added to the ranks of zombies, according to Dmitri Alperovitch, a research engineer at CipherTrust, a company based in Georgia that sells products to make e-mail and messaging safer.

"What this points out is that even though critical infrastructure is fairly well secured, the real vulnerability of the Internet are those home users that are individually vulnerable and don't have the knowledge to protect themselves," Mr. Alperovitch said. "They pose a threat to all the rest of us."

Full Article.

More in Tux Machines

Calculate Intro, OpenMandriva Review, and Mageia Delay

Today in Linux news Jessie Smith has a nice article on Gentoo-derivative Calculate Linux 14 in this week's Distrowatch Weekly. Linuxbsdos.com has a review of OpenMandriva Lx 2014.1, released last week. Mageia 5 Beta 1 is delayed and openSUSE 11.4 is "truly, finally dead." We have all this and more in tonight's Linux news recap. Read more

Early Morning Linux Voodoo at Denny’s

I could tell that he wasn’t comfortable turning over control of his laptop to a stranger, but after a few seconds I got a slight nod to the affirmative. I pulled the Acer over to my part of the counter and booted the Linux Mint KDE LTS I keep for just such purposes. As the computer accepted the DataStick as the boot option, I explained to Ed what I was doing. It was obvious he had no idea what I was talking about so we waited in awkward silence for the next few seconds. Finally, the Mint logo appeared on the screen. I opened Dolphin and located the Windows drive then asked him for the name of the file. He couldn’t remember but was sure it was a PDF. A few minutes later, I pulled a pen from my pocket and wrote down the number he needed and slid it back over to him with his laptop. Read more

Leftovers: Proprietary Software and Command Line

today's howtos