Over 1 Million Zombie Computers - is yours one of them?

Honeynet, an international security research and education project, has recently published a research paper that identifies more than 1 million "zombie" computer systems, also known as "bots", which a hacker can control centrally in a whole range of ways.

Commonly infected without the knowledge of the computer's user, these zombie machines connect to a central control point using Internet Relay Chat, or IRC. Once connected to the IRC network, or channel, the bots can be used for a range of malicious activities, such as spamming, denial of service attacks and traffic sniffing (to steal credit card details and passwords).

Honeynet had tracked over 100 botnets over the last four months, with some disappearing during this time and many others continuing to grow. One of the larger botnets had more than 200,000 unique addresses connect to a channel during the monitoring period, providing some appreciation of the scale of this phenomenon.

The increasing prevalence of broadband internet connections makes this kind of technology even more disturbing. With 3000 machines on broadband, a hacker can take control of more bandwidth than the largest datacentres in the world, and because the systems can be spread out, defending against these attacks is almost impossible.

The biggest fear for your average user, however, is the legal liability. When you connect to an ISP, you generally agree to terms and conditions that make you liable for what happens over that internet connection. Whether this activity means bringing down Yahoo with a DoS attack, downloading child pornography or hacking into other machines, the excuse "the hacker made me do it" is unlikely to hold a lot of water.

To ensure you don't become a zombie, make sure you:

  1. Patch your machine regularly. Go to http://www.windowsupdate.com/ to find out how. It is free, and is the easiest way to stay safe.
  2. Install anti-virus and anti-spyware software, so that if you are compromised, you'll know about it. Check out our story from January 2004 to find out more.
  3. Use a firewall or other security product if you're on broadband. This is a must. For a good, free system, check out ZoneAlarm from http://www.zonelabs.com/.
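For readers who look after a network, the IRC control connection described above can be looked for in captured outbound traffic by recognising the IRC registration commands, whatever port they travel on. The following Python is an added example, not taken from the Honeynet research; the record format, the function name `find_irc_clients`, the allow-list and all sample data are assumptions constructed for illustration.

```python
import re

# Commands an IRC client sends to register and join a channel (RFC 1459).
IRC_CMD = re.compile(r"^(PASS|NICK|USER|JOIN)\s+\S", re.IGNORECASE)

# Constructed records: (source IP, destination IP, destination port, payload).
SAMPLE = [
    # IRC registration on a non-IRC port: the payload gives it away, not the port.
    ("10.0.0.15", "203.0.113.7", 8080, "NICK host-4821\r\nUSER host-4821 0 * :x\r\n"),
    ("10.0.0.15", "203.0.113.7", 8080, "JOIN #example-channel\r\n"),
    # Ordinary web request.
    ("10.0.0.22", "198.51.100.9", 80, "GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    # A machine where IRC use is sanctioned (placed on the allow-list below).
    ("10.0.0.30", "198.51.100.20", 6667, "NICK alice\r\nUSER alice 0 * :Alice\r\nJOIN #helpdesk\r\n"),
    # POP3 login: uses USER and PASS but never NICK, so it must not be flagged.
    ("10.0.0.41", "198.51.100.25", 110, "USER bob\r\nPASS constructed-password\r\n"),
]

def find_irc_clients(records, allowed=frozenset()):
    """Map each non-allowed source IP to the (server, port, channel) IRC sessions it opened."""
    commands, channels = {}, {}
    for src, dst, port, payload in records:
        session = (src, dst, port)
        for line in payload.split("\r\n"):
            match = IRC_CMD.match(line.strip())
            if not match:
                continue
            commands.setdefault(session, set()).add(match.group(1).upper())
            if match.group(1).upper() == "JOIN":
                channels[session] = line.split()[1]
    alerts = {}
    for (src, dst, port), seen in commands.items():
        # NICK plus USER is the IRC registration handshake. USER or PASS alone
        # also occurs in POP3 and FTP logins, so it is not treated as IRC.
        if {"NICK", "USER"} <= seen and src not in allowed:
            alerts.setdefault(src, []).append((dst, port, channels.get((src, dst, port))))
    return {src: sorted(found, key=lambda s: s[:2]) for src, found in alerts.items()}

if __name__ == "__main__":
    for host, sessions in find_irc_clients(SAMPLE, allowed={"10.0.0.30"}).items():
        print(host, sessions)
```

A match only shows that a machine is speaking IRC in clear text; whether that is expected on that machine still has to be checked by hand.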
