NEWS
----
October 2011
In this issue: Spooky Security Trends | Is Your Computer a Zombie? | How Cyber Aware Are You?

Is Your Computer a Zombie?

You may have heard of botnets and zombie computers. Still, even with all of the references to them in the news these days, it's not easy to gain a clear understanding of what they are and how they might be affecting you. In simple terms, a zombie computer is a system that has been infected and taken over remotely by cyber criminals. A collection of zombie computers makes up a botnet.

A botnet is a network of compromised, or infected, computers that hackers have commandeered. PCs that are part of a botnet are often referred to simply as "bots" – or zombie computers.

Botnets are part of the multilayered and profitable crimeware industry, where the initial step is to infect and take control of a targeted computer. PCs in a botnet are under the remote command and control of hackers. As part of that, hackers can take advantage of all of the resources on a machine (from personal information to bandwidth) and use them to perform malicious tasks under remote direction - all to carry out their criminal intentions.


What are botnets used for?

Botnets are controlled remotely by hackers to distribute spam, viruses, and theft schemes - and to hijack additional computers. The main motivation behind botnets, in recent years, is monetary gain for cyber criminals. Once a machine is compromised, cyber criminals have complete access to it; they are able to load software onto it, or pull information off of it.

Bot herders, the hackers who control botnets, can instruct thousands of computers to follow their orders, whether it's to propagate spam messages, launch fraud schemes or to issue denial of service attacks, targeting certain, often high-profile, websites in order to make them unavailable to users. Once bot herders compile a group of compromised machines, they can sell it to fraudsters who are then capable of using the exploited machines for identity and data theft.


How do I know if my computer is part of a botnet?

Most owners of compromised PCs are unwitting victims, never realizing that they have allowed unauthorized access to their computers. Machines are infected without the knowledge of the computer user; usually access to the system is gained through a virus, worm, or Trojan. The symptoms of infection are generally very subtle and are not immediately apparent to the average computer user without using special tools. Still, there are telltale signs and symptoms which may indicate a problem.

  • A slow computer
    The most apparent sign, according to the analysts at Lavasoft Malware Labs, is "slow computer" syndrome: your Internet connection becomes strangely sluggish, or your PC gets slower as you run a few programs on it simultaneously. (However, users should note that this can also be caused by other types of malware, as well as other PC problems.)

  • Accused of sending spam
    Being accused of sending spam is a sign that your system is infected and is part of a spam bot.

  • Detecting malware responsible for bots
    Running an anti-spyware and anti-virus program allows the security software to root out an infection and classify it as a bot.

  • An unknown or suspicious process is running in the background on your PC
    If you use a firewall to monitor network traffic, the program will allow you to spot suspicious traffic on your PC.

For more technically-oriented computer users, bot activity can be discovered through packet sniffer tools and knowledge about different protocols, ports, Windows Registry, processes and TCP/IP. This includes:

  • Large amounts of network traffic
    Bots often connect to remote servers; they may use a questionable amount of bandwidth and cause network traffic even if you are not online.

  • IRC Traffic
    Internet Relay Chat (IRC) is a type of real-time Internet messaging, designed mainly for group discussion forums. IRC bots connect to IRC as a client, performing automated functions but appearing to be another IRC user.

  • SMTP Traffic
    Simple Mail Transfer Protocol (SMTP) is an Internet standard for e-mail across IP networks. Bots may use a built-in SMTP-engine to send spam to other users.

  • Open Ports
    Open ports allow applications to multitask and use different protocols at the same time. All computer devices on a network need a channel to allow them to communicate with each other. Bots may search for open ports to be able to start a synchronization or communication.
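
The checks above can be run against a connection listing from the PC itself. The following is an added example, not part of the original newsletter or any Lavasoft tool: it reads text in the column layout of Windows "netstat -ano" and reports, per process ID, IRC connections, SMTP connections to several different servers, and listening ports outside an expected set. The sample listing is constructed, and the port lists, baseline and threshold are assumptions to adjust for your own machine.

```python
# Added example: flag bot-like indicators in `netstat -ano`-style output.
# SAMPLE is constructed for illustration; port lists and threshold are assumptions.

IRC_PORTS = set(range(6660, 6670)) | {6697}   # conventional IRC ports
SMTP_PORT = 25                                # direct server-to-server mail delivery
EXPECTED_LISTENERS = {135, 445}               # assumed baseline for this workstation
SMTP_FANOUT = 3                               # distinct mail servers before flagging

SAMPLE = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       880
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:48213          0.0.0.0:0              LISTENING       2044
  TCP    192.168.1.20:49701     198.51.100.7:443       ESTABLISHED     3120
  TCP    192.168.1.20:49712     203.0.113.5:6667       ESTABLISHED     2044
  TCP    192.168.1.20:49720     203.0.113.21:25        ESTABLISHED     2044
  TCP    192.168.1.20:49721     203.0.113.22:25        SYN_SENT        2044
  TCP    192.168.1.20:49722     203.0.113.23:25        ESTABLISHED     2044
"""

def parse(text):
    """Yield (local_port, remote_ip, remote_port, state, pid) per TCP line."""
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP":
            continue  # headers, blank lines, UDP rows (no state column)
        lport = int(f[1].rsplit(":", 1)[1])
        rip, rport = f[2].rsplit(":", 1)
        yield lport, rip, int(rport), f[3], int(f[4])

def findings(text):
    """Return sorted (pid, indicator) pairs worth a closer look."""
    out, smtp_peers = set(), {}
    for lport, rip, rport, state, pid in parse(text):
        if state == "LISTENING":
            if lport not in EXPECTED_LISTENERS:
                out.add((pid, f"unexpected listener on port {lport}"))
        elif rport in IRC_PORTS:
            out.add((pid, f"IRC connection to {rip}:{rport}"))
        elif rport == SMTP_PORT:
            smtp_peers.setdefault(pid, set()).add(rip)
    for pid, peers in smtp_peers.items():
        if len(peers) >= SMTP_FANOUT:  # a desktop rarely talks to many mail servers
            out.add((pid, f"SMTP to {len(peers)} distinct servers"))
    return sorted(out)

if __name__ == "__main__":
    for pid, what in findings(SAMPLE):
        print(pid, what)
```

A hit is a reason to look up the process ID in the task list, not proof of infection: legitimate chat clients use IRC, and mail software may connect on port 25.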

Did you know?
A botnet can consist of hundreds of thousands, or even millions, of zombie computers. A single PC in a botnet can send thousands of spam messages per day, often even without the user's knowledge.
Tips & tactics
What can you do to help promote National Cyber Security Awareness Month? Visit StaySafeOnline.org for numerous tools and resources on how to stay safe online and raise awareness about the importance of online security. 
By the numbers
The number 1 password still used in the US is PASSWORD.