Zombie PCs: Silent, growing threat

The seemingly endless spate of worm infestations over the last year has left something even more troubling in its wake: armies of zombie PCs that can be used to send spam, attack Web sites, and generally wreak havoc over the Internet.

Worms such as Sobig, MyDoom, and Bagle have been identified as containing malicious code (malware) that allows remote attackers to take over infected machines -- while their victims are blithely oblivious.

Spreading Nasties

UK security firm Sophos estimates that 40 percent of spam is now sent by zombie machines. Sandvine, a network security firm, puts the figure at 80 percent. Distributed computing company Akamai Technologies Inc. blames zombie PCs for a denial of service attack that briefly blacked out sites like Google, Microsoft and Yahoo in June. Reuters reports that British teen hackers are hiring out their zombie networks for around US$100 an hour.

Besides relaying spam and launching DoS attacks, a zombie machine can be used to send phishing scams, spread viruses, download pornography, and steal personal information, says Carole Theriault, a Sophos security consultant.

"Basically, it is a complete invasion of privacy that can leave you penniless, can have your computer send out all kinds of nasties to innocent computers, and as part of the collective--sorry for Star Trek terminology--contribute to the cyberhavoc going around," Theriault says.

Are You a Zombie?

Sophos estimates half a million zombie PCs are operating worldwide; other sources put the figure as high as two million. A recent Earthlink study hinted at widespread malware installations. Those numbers are likely to climb even further, says Steve Gibson, president of Gibson Research Corporation and a well-known PC security guru.

"There's a tremendous incentive for hackers to infect other people's PCs," Gibson says. "They don't care about your financial records, letters to your mother, or pictures of your family album. All that machine represents is bandwidth they can use for targeting other people."

Determining whether your PC is a zombie isn't always easy, says Fred Felman, vice president of marketing for Zone Labs Inc., a San Francisco security software maker. Symptoms can include a suddenly sluggish broadband connection, excessive hard drive activity, an unresponsive mouse or keyboard, or bounce notifications in your inbox from people you never tried to contact. Yet you could show all of these symptoms and still not be infected.

Experts agree that you can reduce your risk by installing a personal firewall and antivirus software, and by keeping Windows up to date through Windows Update. Yet most home users remain woefully unprotected. A study conducted in May 2003 by the National Cyber Security Alliance found that two-thirds of home users did not have a properly configured firewall.

Later this summer Microsoft plans to release XP Service Pack 2, which will feature a beefed-up firewall and other security enhancements designed to reduce remote access to PCs. But Gibson fears widespread adoption of SP2 will cause new problems by creating a single point of attack for malware to defeat.

Good Fences, Good Neighbors

Even security-savvy users are at risk. Zone Labs' Felman says his own notebook was infected by the Sasser worm while he was attempting to uninstall one firewall and install another. He says users need to take a neighborhood-watch approach to fighting malware.

"We're all responsible for looking out for weird behavior in airports and our neighborhoods; we should also be looking out for weird behavior on the network," he says. "And we need to start by looking at our own machines."

Daniel Tynan

PC World