Why Many Home Users Need A Zombie PC Fix - But Don't Know It!
Studies have shown that there's a lot of computers requiring a zombie PC fix...
70-80 percent of spam now emanates from BotNets, much of it coming from IP ranges allocated to the ADSL accounts of home users!
Let's find out more about this rising danger to computer users by taking a look at...
- How Your Computer Is Compromised
- Why Home Users Are Susceptible
- Why Spammers Want Zombie PCs
- Making Money From Botnets
- Steps For Prevention
- Supporting Articles
1. Zombie PC Fix... How Your Computer Is Compromised
A computer needs a zombie PC fix when it is infected with a Trojan or worm having a backdoor component.
A backdoor is code that is written to open an obscure port on a computer, allowing someone with the knowledge of that code to bypass all the features to guard privacy and security of the PC.
Security firms believe most of the well-publicized worm attacks, such as MyDoom and Bagle were launched to install spam Trojans on unsuspecting end users' machines, so turning them into zombie PCs. The identity of each spam PC is added to lists which are sold on. A spammer, virus writer or cracker with this list can then take control of the compromised PCs.
They can use the zombie computers, or bots, as networks of spam machines, or botnets, to launch the next variation of viruses, denial of service attacks, or to steal personal information for identity theft, for example.
2. Zombie PC Fix... Why Home Users Are Susceptible
The reason home users are susceptible is that spammers and crackers know that home users are notorious for not keeping their protection to guard privacy and online security up-to-date. Unfortunately, studies show that the confidence of the perpetrators is justified.
Unfortunately, many home users don't update their software with the free patches offered by Microsoft and other vendors... the aim of which is to guard privacy and online security. So, they are leaving their PCs open to these attacks and the risk that their computer becomes a bot requiring a zombie PC fix.
3. Zombie PC Fix... Why Spammers Want Zombie PCs
Going back a few years, spammers could only operate by opening an e-mail account to send their millions of messages.
However, the Internet service providers (ISPs), under pressure to accept some responsibility for controlling spam, look for abnormal spikes in outbound mail traffic, then block the offending account.
By using zombie PCs, rather than open mail relays or unscrupulous hosts, spammers are able to bypass these IP address blacklists.
Botnets are moving targets. It doesn't matter if there is a zombie PC fix carried out by the user, or an ISP shuts down a few infected PC's... there are thousands of other spam computers pouring out spam and more that will become infected and added to the spam botnet.
As individual zombie PCs on a spammer's network keep changing, so the effort to identify and stop spam operators gets that much harder. However, the spam operator still has to contact each zombie PC in the network. This requires bandwidth, not only costing money but also flagging a spike of activity that can alert ISPs.
To counteract this risk to their business, there has been collaboration between the spammers and virus writers, resulting in the development of even more sophisticated malware. For instance, there isBobax, a self-propagating Trojan, programmed to automatically send out spam and incorporating its own list of email addresses.
BlackSpider Technologies discovered one botnet that was responsible for issuing 50 million identical spam emails per day and which had compromised at least 150,000 computers. Each zombie PC sent out around 330 emails a day. At this low mail-out rate, users of compromised machines and their ISPs will not notice anything... so, the Zombie PC remains undetected.
4. Zombie PC Fix... Making Money From Botnets
When most of us do our best to prevent spam getting into our inbox, how can spammers make money through their botnets?
Well, in fact, approximately 0.05 percent of us view spam. About 0.01 percent of us purchase through a link in spam email.
Spammers send out millions of spam emails and can receive $0.01 for each spam ad viewed. For every million e-mails sent, they can expect a $50 return. Not much, but when twenty runs a month are sent out, that's $1000... and that's before the income from people who buy the service or product advertised.
There's also money to be made from the home user's misfortune of unknowingly being part of a zombie PC network. The malware code authors sell the services of their botnets to spammers and others with malicious intent. From these networks, they launch Denial of Service, spam, virus and spyware attacks to gather personal identification for fraud, financial and identity theft.
The IP addresses of compromised machines are traded over IRC (Internet Relay Chat) networks. Payment is generally made to anonymous online accounts. As an example, the German magazine c't reported how it was able to buy access to infected machines from virus writers.
Finjan, a security company, has also reported on the proliferation of online auctions to sell malware, including the ability to propagate zombie PCs.
The sale of zombie PC lists is growing more sophisticated. The dealers will offer access to broadband/ADSL PCs at a premium and will change the lifetime of the list to maintain sales.
For instance, the Sobig virus self-terminated after approximately two weeks. This allowed the dealer to sell a list of zombie PCs that were currently infected with Sobig. Then, after the virus had terminated, another batch of PCs was infected and the list sold again!
However, I know some of you will be pleased to hear that it's not all one way for the so-called botmasters...
The first prosecution of its kind -- and which resulted in the longest known sentence for the spreading of computer malware -- occurred in May, 2006, when Jeanson Ancheta, a Californian, was jailed for almost five years for running a zombie PC network of around 400,000 compromised computers!
Ancheta had pleaded guilty to infecting the computers with software that caused them to show cash-generating ads, and renting them to crackers and spammers to send junk mail and launch Denial of Service attacks against Web sites.
400,000 compromised computers requiring a zombie PC fix!! And that's just one botnetwork that was discovered... and none of the victims were aware that their computers were caught up and part of this concerted attack on others.
5. Zombie PC Fix... Steps For Prevention
Perhaps this article has given you a sense of how easily -- and unwittingly -- our computers are at risk. The good news is, a zombie PC fix will prevent our computers becoming recruited as a part of a botnet...
These steps are about minimizing the impact of spam and setting up defenses to protect us from infection by backdoors.
There is a lot of useful information to cover here, so I've split it into two further articles...
- Practical Steps For A Zombie PC Fix
- Software Steps For A Zombie PC Fix
There are other relevant articles which will help you deal more effectively and confidently with the dangers of spam...
6. What Does Spam Stand For?... Supporting Articles
- The Best Spam Slammers To Protect You From Spam Dangers
- What Does Spam Stand For?
- Spam Slammers... These Are The Dangers When Spam Gets Through
- The Four Types Of Spam Slammers
- How To Spam Spammers
- Spam Spammers With MailWasher Pro
- Reduce The Load Of Your Spam Slammers By Keeping Off Spam Lists
- Phishing And How To Block It