Hackers Grow Armies of Zombie PCs
Attackers are becoming increasingly aggressive as they look to grow their zombie armies of infected PCs, according to antivirus vendor McAfee. This week, the company reported that the number of systems infected with malicious software that allows the PC to be used for unauthorized purposes jumped by 303 percent during the second quarter of 2005 from the previous quarter.
Whereas high-profile attacks such as the MyDoom worm in 2004 generally left no doubt as to whether the user's system was infected, attackers are now using more subtle techniques, often invisibly seizing control of a machine with tiny programs called "bots" that await instructions from their creators, according to Vincent Gullotto, vice president of McAfee's Anti-virus and Vulnerability Emergency Response Team.
These bots allow the infected machine, sometimes called a "zombie," to be used for a variety of illegal purposes, such as sending spam or participating in a denial of service attack against a Web site, Gullotto says. "You're not hearing about a major outbreak every month, but people are not aware that there has become a much more subversive way that virus writers are spreading around the Internet," he says.
On the Increase
Researchers with Gullotto's team recorded nearly 13,000 cases of attempted bot hijackings, up from about 3000 during the first quarter of 2005. The company also reported that the number of adware and spyware programs was up 12 percent when compared to the first quarter of 2005.
Though McAfee says that all sorts of criminals are now involved in hacking, the company has noticed that money, rather than fame or notoriety, has increasingly been a motivating factor in attacks.
Rather than crashing users' systems or sending out huge quantities of e-mail, attackers are using malicious software such as the Mytob worm to install adware on personal computers. And organized criminals are emerging as a new and increasingly effective source of sophisticated attacks, Gullotto says. "There's a whole new ballgame that's being played."
By Robert McMillan
IDG News Service