Computer Crime Research Center


Microsoft warns against zombies

Date: June 12, 2006
By: Eric Bangeman

When we first reported on zombie PC networks a couple of years ago, the idea seemed kind of novel. Infect the machines with a malicious program, instruct them where to go for further instructions, and get them to do your nefarious will. Then you can tie a few thousand of them into a single network and auction them off to the highest bidder so that they can be used for spamming or serving up pop-up ads.

It turns out that the idea has become popular. In fact, zombie PCs infected by backdoor Trojan horses are the top security issue according to a new report released by Microsoft. Of the PCs found to contain malware by Microsoft's Windows Malicious Software Removal Tool over a 15-month period ending in March 2006, over 60 percent of them were part of a zombie network.

The Windows Malicious Software Removal Tool was introduced in January 2005, and since then, has found and removed malware from 5.7 million of the 270 million different computers it has been run on. After bots, the second-most-prevalent form of malware is e-mail worms. Those were found on around 18 percent of PCs with malware infestations.

Rootkits account for a relatively minor number of the total number of infestations, accounting for just under 14 percent of the malware found. Sony's infamous rootkit was a major source of that particular flavor of malware, which is particularly interesting given the fact that Microsoft was initially reluctant to label it as such. The Windows Malicious Software Removal Tool removed over 260,000 Sony-installed rootkits from users' PCs.

Figures on spyware infestation were not part of the study, as the Windows Malicious Software Removal Tool does not look for and remove spyware.
Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo