Language Selection

English French German Italian Portuguese Spanish

An Army of Soulless 1's and 0's

Filed under
Security

For thousands of Internet users, the offer seemed all too alluring: revealing pictures of Jennifer Lopez, available at a mere click of the mouse. But the pictures never appeared. The offer was a ruse, and the click downloaded software code that turned the user's computer into a launching pad for Internet warfare.

On the instructions of a remote master, the software could deploy an army of commandeered computers - known as zombies - that simultaneously bombarded a target Web site with so many requests for pages that it would be impossible for others to gain access to the site.

And all for the sake of selling a few more sports jerseys.

The facts of the case, as given by law enforcement officials, may seem trivial: a small-time Internet merchant enlisting a fellow teenager, in exchange for some sneakers and a watch, to disable the sites of two rivals in the athletic jersey trade. But the method was far from rare.

Experts say hundreds of thousands of computers each week are being added to the ranks of zombies, infected with software that makes them susceptible to remote deployment for a variety of illicit purposes, from overwhelming a Web site with traffic - a so-called denial-of-service attack - to cracking complicated security codes. In most instances, the user of a zombie computer is never aware that it has been commandeered.

The networks of zombie computers are used for a variety of purposes, from attacking Web sites of companies and government agencies to generating huge batches of spam e-mail. In some cases, experts say, the spam messages are used by fraud artists, known as phishers, to try to trick computer users into giving confidential information, like bank-account passwords and Social Security numbers.

Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems. One case under investigation, officials say, may involve as many as 300,000 zombie computers.

More than 170,000 computers every day are being added to the ranks of zombies, according to Dmitri Alperovitch, a research engineer at CipherTrust, a company based in Georgia that sells products to make e-mail and messaging safer.

"What this points out is that even though critical infrastructure is fairly well secured, the real vulnerability of the Internet are those home users that are individually vulnerable and don't have the knowledge to protect themselves," Mr. Alperovitch said. "They pose a threat to all the rest of us."

Full Article.

More in Tux Machines

openSUSE Leap 42.2 Linux Now Officially Available as 64-bit Raspberry Pi 3 Image

openSUSE Project, through Douglas DeMaio, proudly informs Softpedia via an email announcement about the general availability of a 64-bit Raspberry Pi 3 image of the openSUSE Leap 42.2 operating system. Read more

today's leftovers

  • The future of xinput, xmodmap, setxkbmap, xsetwacom and other tools under Wayland
    This post applies to most tools that interface with the X server and change settings in the server, including xinput, xmodmap, setxkbmap, xkbcomp, xrandr, xsetwacom and other tools that start with x. The one word to sum up the future for these tools under Wayland is: "non-functional". An X window manager is little more than an innocent bystander when it comes to anything input-related. Short of handling global shortcuts and intercepting some mouse button presses (to bring the clicked window to the front) there is very little a window manager can do. It's a separate process to the X server and does not receive most input events and it cannot affect what events are being generated. When it comes to input device configuration, any X client can tell the server to change it - that's why general debugging tools like xinput work.
  • Please don't use pastebins in bugs
  • Linux Top 3: SparkyLinux 4.5, Mageia 5.1 and Peppermint 7
    SparkyLinux is (yet another) Debian based Linux distribution. The SparkyLinux 4.5 update codenamed "Tyche' was released on December 3, providing users with multiple desktop choice other than GNOME. SparkLinux 4.5 ships with KDE, LXDE, LXQt, MATE and Xfce.
  • Upcoming Linux Distributions Releasing In December 2016
    In December 2016, a big Linux distribution release is taking shape in the form of Linux Mint 18.1 Serena, flavored by Cinnamon 3.2. It’ll be accompanied by the release of security and privacy-focused Anonymous Live CD Tails 2.9.
  • AMD Extends Strategic Partnership with Mentor Graphics for Linux-based Embedded Solutions
  • Samsung Z2 gets Firmware Update to Tizen 2.4.0.6 Z200FDDU0BPK3 in India
    Samsung’s latest Tizen-based smartphone, the Z2 model number SM-Z200F, has had a new software / firmware update land in India today. The update takes it to Tizen version 2.4.0.6., firmware Z200FDDU0BPK3. The update log mentions the following improvements: Improved send SOS message (panic mode) and also improvements to the security of the device. Additional bug fixes and performance improvements may have also been bundled in.

Leftovers: Software

  • choqok 1.6 Twitter Client was released and completely ported with KDE Frameworks 5
    Choqok is a fast, efficient and simple to use twitter client for Linux (especially built for the KDE desktop environment) that is installed by default to some of the Linux distribution which shipped with KDE Desktop Environment. The name comes from an ancient Persian word, means Sparrow!
  • 10 open source tools for your sysadmin toolbox [Ed: Terrible list which starts with two suggestions of Microsoft EEE]
    Sysadmins, no matter what platforms they work on, are awash in great open source software tools. In this article, we highlight well-known—and not-so-well-known—tools that have released new versions in 2016.
  • NetworkManager 1.2.6 Lets You Activate Multiple PPPoE Connections Simultaneously
    Beniamino Galvani was proud to announce the release and general availability of a new maintenance update to the stable NetworkManager 1.2 series of the open source network connection manager software for GNU/Linux distributions. NetworkManager is the most used network connection manager, adopted by almost all Linux-based operating systems on the market, and NetworkManager 1.2.6 is now the most advanced release of the 1.2 stable series, coming four months after the NetworkManager 1.2.4 update to fix a few bugs and regressions reported by users since then.
  • GNOME loves to cook
    With the upcoming 20th birthday of GNOME next year, some of us thought that we should make another attempt at this application, maybe as a birthday gift to all of GNOME. Shortly after GUADEC, I got my hands on some existing designs and started to toy around with implementing them over a few weekends and evenings. The screenshots in this post show how far I got since then.

today's howtos