Language Selection

English French German Italian Portuguese Spanish

Hackers Grow Armies of Zombie PCs

Filed under
Security

Attackers are becoming increasingly aggressive as they look to grow their zombie armies of infected PCs, according to antivirus vendor McAfee. This week, the company reported that the number of systems infected with malicious software that allows the PC to be used for unauthorized purposes jumped by 303 percent during the second quarter of 2005 from the previous quarter.

Whereas high-profile attacks such as the MyDoom worm in 2004 generally left no doubt as to whether the user's system was infected, attackers are now using more subtle techniques, often invisibly seizing control of a machine with tiny programs called "bots" that await instructions from their creators, according to Vincent Gullotto, vice president of McAfee's Anti-virus and Vulnerability Emergency Response Team.

These bots allow the infected machine, sometimes called a "zombie," to be used for a variety of illegal purposes, such as sending spam or participating in a denial of service attack against a Web site, Gullotto says. "You're not hearing about a major outbreak every month, but people are not aware that there has become a much more subversive way that virus writers are spreading around the Internet," he says.

On the Increase

Researchers with Gullotto's team recorded nearly 13,000 cases of attempted bot hijackings, up from about 3000 during the first quarter of 2005. The company also reported that the number of adware and spyware programs was up 12 percent when compared to the first quarter of 2005.

Though McAfee says that all sorts of criminals are now involved in hacking, the company has noticed that money, rather than fame or notoriety, has increasingly been a motivating factor in attacks.

Rather than crashing users' systems or sending out huge quantities of e-mail, attackers are using malicious software such as the Mytob worm to install adware on personal computers. And organized criminals are emerging as a new and increasingly effective source of sophisticated attacks, Gullotto says. "There's a whole new ballgame that's being played."

By Robert McMillan
IDG News Service

More in Tux Machines

35 Open Source Tools for the Internet of Things

In a nutshell, IoT is about using smart devices to collect data that is transmitted via the Internet to other devices. It's closely related to machine-to-machine (M2M) technology. While the concept had been around for some time, the term "Internet of Things" was first used in 1999 by Kevin Ashton, who was a Procter & Gamble employee at the time. Read more

IoT tinkerers get new Linux hub & open platforms

Cloud Media, the maker of entertainment box Popcorn Hour, launched a project on Kickstarter, Inc. that will add to the growing number of smart hubs for people to connect and control smart devices. Called the STACK Box, it features a Cavium ARM11 core processor, 256MB DDR3 RAM, 512MB flash, SD slot, 802.11n WiFi, Bluetooth LE 4.0, Z-Wave, standard 10/100 Ethernet port, optional X10 wired communication, 5 USB 2.0 ports, RS-232 port, 2 optocoupler I/O, Xbee Bus, Raspberry Pi-compatible 26-pin bus and runs Linus Kernel 3.10. IT also features optional wireless communications for Dust Networks and Insteon with RF433/315, EnOcean, ZigBee, XBee, DCLink, RFID, IR coming soon. Read more

Citrix and Google partner to bring native enterprise features to Chromebooks

Chromebooks are making inroads into the education sector, and a push is coming for the enterprise with new native Chrome capabilities from Citrix. Google and Citrix have announced Citrix Receiver for Chrome, a native app for the Chromebook which has direct access to the system resources, including printing, audio, and video. To provide the security needed for the enterprise, the new Citrix app assigns a unique Receiver ID to each device for monitoring, seamless Clipboard integration across remote and local applications, end user experience monitoring with HDX Insight, and direct SSL connections. Read more

Is Open Source an Open Invitation to Hack Webmail Encryption?

While the open source approach to software development has proven its value over and over again, the idea of opening up the code for security features to anyone with eyeballs still creates anxiety in some circles. Such worries are ill-founded, though. One concern about opening up security code to anyone is that anyone will include the NSA, which has a habit of discovering vulnerabilities and sitting on them so it can exploit them at a later time. Such discoveries shouldn't be a cause of concern, argued Phil Zimmermann, creator of PGP, the encryption scheme Yahoo and Google will be using for their webmail. Read more