Skip to main content

Thousands of zombie PCs created daily

Jack Writes: The rate at which personal computers are being hijacked by hackers rocketed in the first half of 2004, reveals a new report. An average of 30,000 computers per day were turned into enslaved “zombies”, compared with just 2000 per day in 2003.

 

US computer security company Symantec says efforts to build so-called "botnets" - networks of zombies used to launch attacks on corporate websites or as anonymous relays for sending out spam - from hacked computers have intensified dramatically in recent months. The company's latest biannual report shows that recruitment of "zombie" machines peaked at 75,000 computers per day.

 

Jeremy Ward, service development manager at Symantec, says virus writers can make good money by selling botnets to online extortionists and spammers.

 

"What we're seeing now is malware, or malicious software, that is truly professional," Ward told New Scientist. "You have the ability to set up botnets for a number of money-making schemes."

 

Turf war

 

The Symantec report is based on information gathered from 20,000 network sensors based in 180 countries around the world. They also collected information from anti-virus software installed on desktop machines and corporate networks.

The study shows that overall virus activity increased between January and June 2004. In all, 4496 Windows computer viruses were released during this time - a fourfold increase on the same period the previous year.

 

Enlistment of zombie machines reached an all-time high during a turf war between two virus-writing groups in the first few months of 2004. Those behind the worms MyDoom and Bagle fought against the creator of the Netsky virus for ownership of the infected computers.

 

During this feud, a version of Netsky was released which was designed to deactivate the Bagle and MyDoom viruses within infected computers.

 

Draining resources

Richard Archdeacon, director of technical services at Symantec, adds that virus writers have developed new programming tricks to thwart current anti-virus scanning technology.

 

Anti-virus scanners examine the contents of files for pieces of data that match those of a known threat. Many viruses, for example, insert themselves at the beginning or end of code for a legitimate programme.

 

But recent strains of virus have made scanning more difficult. A virus called Impanate, for example, buries portions of its code in an unexpected region of a software file.

 

Another virus, known as Gastropod, rewrites its own code entirely between replications to complicate detection. Spotting these viruses requires considerably more computing power, draining system resources.

 

"These advanced infection mechanisms may render many traditional antivirus scanning techniques ineffective," Archdeacon says.

But law enforcers have also made progress. On 9 September, an 18-year-old German programmer was charged with creating Netsky and another worm, Sasser.

Source: http://www.newscientist.com/news/news.jsp?id=ns99996420

 

Your IP address:

18.221.61.135

All-in-one protection for Microsoft 365

All-in-one protection for Microsoft 365

FREE Hyper-V & VMware Backup

FREE Hyper-V & VMware Backup

Wi-Fi Key Generator

Generate/Crack any
WEP, WPA, WPA2 Key!

Network and Server Monitoring

Network and Server Monitoring

Follow Firewall.cx

Cisco Password Crack

Decrypt Cisco Type-7 Passwords on the fly!

Decrypt Now!

Bandwidth Monitor

Zoho Netflow Analyzer Free Download

Free PatchManager

Free PatchManager

EventLog Analyzer

ManageEngine Eventlog Analyzer

Security Podcast

Hornet-Security-The-Swarm-Podcast

Firewall Analyzer

zoho firewall analyzer