It Must Be Zombie Season
Microsoft is kicking off an Internet security education campaign today aimed at spotlighting the role of the oft-overlooked workhorse of Internet crime -- the Zombie.
Not to be confused with the moaning, drooling, and flesh-eating monsters traditionally associated with Halloween and low-budget undead flicks, computer zombies are home PCs that have been compromised by a computer virus or Trojan horse and forced to participate in any number of ghastly deeds online, from sending out spam to hosting phishing Web sites to launching denial-of-service (DoS) attacks.
Microsoft attorney Tim Cranton said the company obtained a copy of a computer virus that attackers had used to turn at least one computer into a spam-relaying zombie. Microsoft then used it to intentionally infect a single test computer with the bug and monitor it for nearly three weeks in hopes of finding out who was pulling the strings.
Microsoft later determined that the infected PC was among several thousand under the control of a hacker or group of hackers. The person was then renting out the infected machines to spammers. In the span of three weeks, that single computer that Microsoft intentionally infected received roughly five million requests from spammers to send some 18 million spam messages advertising at least 13,000 different spam sites.
Microsoft has since filed a series of John Doe lawsuits to learn the identities of those behind a suspected 13 distinct spam businesses operated through that network.
Kudos to Microsoft, the Federal Trade Commission and Consumer Action (and all of the groups that are involved in the new awareness campaign) for taking this important first step. This type of consumer education can't happen enough. The truth is that virus-infected computers number in the millions at any given time on the Internet. Collectively, these robot networks, or "botnets," are the engine powering nearly all major forms of online fraud today, from spam to phishing to online advertising click-fraud to denial-of-service attacks.
Law enforcement and Microsoft may never be ahead of the online crime curve, as hijacked PCs will almost certainly remain a major problem. But by taking advantage of some the excellent free tools already available to the general public, computer users, government and industry can make significant progress toward quashing the zombie population online today.
Here's some how you can help fight the war on Zombies: If your Windows machine is performing like a zombie, consider the following:
Is your computer up to date on computer security patches? Not sure? Visit http://update.microsoft.com to find out.
Are you running some sort of firewall software? If not, consider downloading and using one of my favorite free firewalls, Sygate Personal Firewall. Sygate was very astutely snatched up recently by Symantec Corp., but hopefully it will remain free. Other free firewalls are available from Zone Labs, Agnitum, and Kerio.
Is your PC up-to-date on anti-virus software? New computers often come with free 90-day subscriptions to anti-virus software. If you don't use anti-virus software, or if your trial subscription has expired, it's time to fix that. Some free anti-virus alternatives include AVG Antivirus from Grisoft, and a year's worth of free anti-virus updates from eTrust Antivirus a joint offering from Microsoft and Computer Associates.
Lastly, be extremely cautious about opening e-mail attachments and in clicking on links that arrive via e-mail or instant message.
October 27, 2005; 10:01 AM ET
Categories: From the Bunker
Save & Share: Previous: Survey Says: Some 'Net Users No Longer Shopping Online
Next: Patch Checking for Popular Windows Apps
Posted by: Anonymous | October 27, 2005 11:14 AM | Report abuse
Posted by: Jeff B at Home | October 27, 2005 11:15 AM | Report abuse
Posted by: Paul | October 27, 2005 11:40 AM | Report abuse
Posted by: Anonymous | October 27, 2005 12:20 PM | Report abuse
Posted by: guest | October 27, 2005 12:21 PM | Report abuse
Posted by: lpdrjk | October 27, 2005 1:59 PM | Report abuse
Posted by: WhitIV | October 27, 2005 2:05 PM | Report abuse
Posted by: David Taylor | October 27, 2005 2:16 PM | Report abuse
Posted by: Hari | October 27, 2005 2:32 PM | Report abuse
Posted by: James | October 27, 2005 8:08 PM | Report abuse
Posted by: Brian Krebs | October 27, 2005 11:43 PM | Report abuse
Posted by: Bk | October 27, 2005 11:45 PM | Report abuse
Posted by: Scott | October 28, 2005 2:40 AM | Report abuse
Posted by: Scott | October 28, 2005 2:41 AM | Report abuse
Posted by: Dotty Brant | October 28, 2005 7:05 AM | Report abuse
Posted by: Ted M. | October 28, 2005 10:53 AM | Report abuse
Posted by: Rick George | October 31, 2005 8:32 AM | Report abuse
Posted by: guest | November 3, 2005 12:41 PM | Report abuse
The comments to this entry are closed.