An Army of Soulless 1's and 0's

For thousands of Internet users, the offer seemed all too alluring: revealing pictures of Jennifer Lopez, available at a mere click of the mouse. But the pictures never appeared. The offer was a ruse, and the click downloaded software code that turned the user's computer into a launching pad for Internet warfare.

On the instructions of a remote master, the software could deploy an army of commandeered computers - known as zombies - that simultaneously bombarded a target Web site with so many requests for pages that it would be impossible for others to gain access to the site.

And all for the sake of selling a few more sports jerseys.

The facts of the case, as given by law enforcement officials, may seem trivial: a small-time Internet merchant enlisting a fellow teenager, in exchange for some sneakers and a watch, to disable the sites of two rivals in the athletic jersey trade. But the method was far from rare.

Experts say hundreds of thousands of computers each week are being added to the ranks of zombies, infected with software that makes them susceptible to remote deployment for a variety of illicit purposes, from overwhelming a Web site with traffic - a so-called denial-of-service attack - to cracking complicated security codes. In most instances, the user of a zombie computer is never aware that it has been commandeered.

The networks of zombie computers are used for a variety of purposes, from attacking Web sites of companies and government agencies to generating huge batches of spam e-mail. In some cases, experts say, the spam messages are used by fraud artists, known as phishers, to try to trick computer users into giving confidential information, like bank-account passwords and Social Security numbers.

Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems. One case under investigation, officials say, may involve as many as 300,000 zombie computers.

More than 170,000 computers every day are being added to the ranks of zombies, according to Dmitri Alperovitch, a research engineer at CipherTrust, a company based in Georgia that sells products to make e-mail and messaging safer.

"What this points out is that even though critical infrastructure is fairly well secured, the real vulnerability of the Internet are those home users that are individually vulnerable and don't have the knowledge to protect themselves," Mr. Alperovitch said. "They pose a threat to all the rest of us."
