Computer Security 2


Focus on Malware

Zombie Botnets

In parallel with other harm, the malware may set up the compromised machine as a "zombie" or "bot". A zombie is a machine, one of thousands, which all together form a "botnet". The owner of the botnet can distribute tasks to be done by all the zombies, like this: "ok everyone, here is a list of 10 million email addresses, start sending spam email to them." Because the number of zombies is large, the botnet can accomplish things that require a lot of machines. Sending spam is a great example. Another great example is doing dictionary-password attacks on random websites, as shown previously.

DDOS Attack

The zombies can also be used to "attack" a web site, by all trying to access it at the same time. With some tens of thousands of machines all hitting a site at the same time, it is possible to, in effect, make the site unavailable to the internet. This is called a "denial of service" (DOS) attack. It's not breaking into the site or stealing passwords or money; instead it's making the proper function of something unavailable.
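From the web site's side, this kind of flood shows up in the access log as a sudden jump in requests spread across many different client addresses, each sending only a little. The sketch below is an added example, not part of the original course notes; the thresholds, the function names and the sample log (built from documentation-only addresses) are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime

def build_sample_log():
    """Constructed sample: (timestamp, client address) pairs, as an access log would yield."""
    log = []
    # Normal traffic: 3 clients, one request every 10 seconds for 5 minutes.
    for i in range(30):
        ts = datetime(2024, 1, 1, 12, i // 6, (i % 6) * 10)
        log.append((ts, f"192.0.2.{1 + i % 3}"))
    # Flood: 400 different clients each send 2 requests during minute 12:05.
    for i in range(800):
        c = i % 400
        addr = f"198.51.100.{c}" if c < 200 else f"203.0.113.{c - 200}"
        log.append((datetime(2024, 1, 1, 12, 5, i % 60), addr))
    return log

def flood_windows(log, min_requests=500, min_clients=100):
    """Flag minutes with high volume AND many distinct clients.

    Returns (minute, total requests, distinct clients, busiest client's count).
    Thresholds are illustrative assumptions; a real site would derive them
    from its own baseline traffic.
    """
    per_minute = defaultdict(Counter)
    for ts, addr in log:
        per_minute[ts.replace(second=0, microsecond=0)][addr] += 1
    flagged = []
    for minute in sorted(per_minute):
        counts = per_minute[minute]
        total = sum(counts.values())
        if total >= min_requests and len(counts) >= min_clients:
            flagged.append((minute, total, len(counts), max(counts.values())))
    return flagged

if __name__ == "__main__":
    for minute, total, clients, busiest in flood_windows(build_sample_log()):
        print(f"{minute:%H:%M}  requests={total}  clients={clients}  "
              f"busiest client sent {busiest}")
```

In the flagged minute the busiest client sent only 2 requests, which is why a limit on requests per address does not stop a flood coming from thousands of zombies.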

Obviously the botnet is not paying the owner of the machine. The botnet is stealing the use of the machine from its proper owner. If a machine seems sluggish in regular use, and the networking lights are blinking like mad all the time... the machine may be a zombie. Like a parasite in the real world, the zombie software wants the machine to still mostly work for its owner; otherwise the owner would be motivated to clean it.

One problem with zombies is that the owners may not be all that motivated to fix them. The millions of compromised Windows machines out there are putting out this pollution that causes problems for us all. If you think a machine is a zombie, you should erase it and fix it. The zombie may be doing who knows what with your passwords and your data; there are too many risks.

In what would make a most interesting Business School case study, there are active markets in botnets. The botnet owners basically rent out their botnets for spamming or whatever use a bad guy wants to pay for that day.

Phone Malware