Computer Crime Research Center


Undead zombie PC: Are you a zombie?

Date: February 10, 2006
By: Bryan Betts

Are you harbouring zombies? There's a fair chance you could be, if Paul Judge, the CTO of e-mail security firm CipherTrust, is right - he says that his company's statistics, gathered from its customers and a network of honeytrap PCs, show that a quarter of a million new zombie PCs come online every day.

That's a staggering number, but if you take a look at the log of a firewall connected to almost any ISP's network, it gets a whole lot more believable - all day long, that firewall will be hit by port scans and pings, some harmless, but most representing an infected PC elsewhere on the network trying to propagate its infection.

It's no surprise then to hear that an unprotected PC on the public Internet is likely to pick up its first virus or Trojan infection within seconds. "We deployed a new honeytrap PC in Europe a few months ago," says Judge. "It had 300 distinct variants of malware installed on it overnight - without it even doing anything on the Internet."

That means there's most likely a whole army - a veritable fifth column - of zombie PCs out there, waiting for someone to give them the nod, whether it be for spam, phishing or harvesting new zombies. It's the ultimate grid computer, but it's in the hands of the bad guys.

"Very few supercomputers on Earth have that sort of power," says Judge. "What sort of problems could you apply that threat to? We deal in DoS attacks from thousands of PCs - but millions? Most risk models today assume a finite capability for the adversary, but this completely changes that."
Original article

Add comment  Email to a Friend

Discussion is closed - view comments archieve
2006-02-10 17:05:31 - :s Anonimo
Total 1 comments
Copyright © 2001-2013 Computer Crime Research Center
CCRC logo