Language Selection

English French German Italian Portuguese Spanish

Hackers Grow Armies of Zombie PCs

Filed under
Security

Attackers are becoming increasingly aggressive as they look to grow their zombie armies of infected PCs, according to antivirus vendor McAfee. This week, the company reported that the number of systems infected with malicious software that allows the PC to be used for unauthorized purposes jumped by 303 percent during the second quarter of 2005 from the previous quarter.

Whereas high-profile attacks such as the MyDoom worm in 2004 generally left no doubt as to whether the user's system was infected, attackers are now using more subtle techniques, often invisibly seizing control of a machine with tiny programs called "bots" that await instructions from their creators, according to Vincent Gullotto, vice president of McAfee's Anti-virus and Vulnerability Emergency Response Team.

These bots allow the infected machine, sometimes called a "zombie," to be used for a variety of illegal purposes, such as sending spam or participating in a denial of service attack against a Web site, Gullotto says. "You're not hearing about a major outbreak every month, but people are not aware that there has become a much more subversive way that virus writers are spreading around the Internet," he says.

On the Increase

Researchers with Gullotto's team recorded nearly 13,000 cases of attempted bot hijackings, up from about 3000 during the first quarter of 2005. The company also reported that the number of adware and spyware programs was up 12 percent when compared to the first quarter of 2005.

Though McAfee says that all sorts of criminals are now involved in hacking, the company has noticed that money, rather than fame or notoriety, has increasingly been a motivating factor in attacks.

Rather than crashing users' systems or sending out huge quantities of e-mail, attackers are using malicious software such as the Mytob worm to install adware on personal computers. And organized criminals are emerging as a new and increasingly effective source of sophisticated attacks, Gullotto says. "There's a whole new ballgame that's being played."

By Robert McMillan
IDG News Service

More in Tux Machines

Tizen in Bolivia and India

Security Leftovers

  • Security updates for Wednesday
  • Microsoft says its best not to fiddle with its Windows 10 group policies (that don't work)

    On Monday, we revealed that a security researcher had used a packet sniffer to show that many settings designed to prevent access to the internet were being ignored with connections to a range of third party servers including advertising hubs.

  • What's got a vast attack surface and runs on Linux? Windows Defender, of course
    Google Project Zero's Windows bug-hunter and fuzz-boffin Tavis Ormandy has given the world an insight into how he works so fast: he works on Linux, and with the release of a personal project on GitHub, others can too. Ormandy's project is to port Windows DLLs to Linux for his vuln tests (“So that's how he works so fast!” Penguinistas around the world are saying). Typically self-effacing, Ormandy made this simple announcement on Twitter (to a reception mixing admiration, humour, and horror):
  • Hacked in Translation – from Subtitles to Complete Takeover
    Check Point researchers revealed a new attack vector which threatens millions of users worldwide – attack by subtitles. By crafting malicious subtitle files, which are then downloaded by a victim’s media player, attackers can take complete control over any type of device via vulnerabilities found in many popular streaming platforms, including VLC, Kodi (XBMC), Popcorn-Time and strem.io. We estimate there are approximately 200 million video players and streamers that currently run the vulnerable software, making this one of the most widespread, easily accessed and zero-resistance vulnerability reported in recent years.
  • A Samba remote code execution vulnerability
    Distributors are already shipping the fix; there's also a workaround in the advisory for those who cannot update immediately.

KDE, Qt, GTK and GNOME News

  • KDE Plasma 5.8.7 LTS Desktop Environment Released with over 60 Improvements
    KDE has announced today the release and immediate availability of the seventh maintenance update to the long-term supported KDE Plasma 5.8 desktop environment. KDE Plasma 5.8.7 LTS is now considered the latest stable and most advanced version of the KDE Plasma 5.8 LTS (Long Term Support) desktop environment, which some of you out there are probably using on your favorite GNU/Linux distributions instead of a short-lived branch like KDE Plasma 5.9 or the upcoming KDE Plasma 5.10 release.
  • Summer of Coding!
    After a month of dread and panicking about the fact that Google Summer of Code results are announced in the middle of exam season... I'm happy to say I'll be doing the Rust plugin for KDevelop!
  • Qt 5.9 Release Candidate Available For Testing
  • Qt 5.9.0 RC released
    We have released Qt 5.9.0 RC today. You can update it at the top of your Qt 5.9 beta(4) online installation or do clean installation by using qt online installer. Detailed instructions here: https://wiki.qt.io/How_to_get_snapshot_via_online_installer .
  • The Road to GTK+ 4 Continues, New Milestone Adds Initial OS X and Meson Support
    A new milestone was released recently, GTK+ 3.91.0, which adds quite a bunch of improvements and bug fixes, but also some new APIs and compatibility with other supported operating systems besides those based on the Linux kernel. For example, GTK+ 3.91.0 implements initial support for Apple's macOS platform, which will make it possible to run apps written in GTK+ 4 on OS X.
  • Epiphany Browser Updated for GNOME 3.25.2 with New Shortcuts for Switching Tabs
    Ahead of today's GNOME 3.25.2 desktop environment development release, the team of developers behind the Epiphany web browser have released the second milestone towards the Epiphany 3.26 stable series, due out later this year.

Red Hat News: Flatpak, CloudLinux, Red Hat Enterprise Linux (RHEL) 7.4