Zombies: Don’t Let Your Home Computer or Network Become a Spam or DDoS Relay!

Next time you’re looking for a culprit for all that junk mail flooding your inbox, have a glance in the mirror.

Spammers are increasingly exploiting home computers with high-speed Internet connections into which they’ve cleverly burrowed. E-mail security companies estimate that between one-third and two-thirds of unwanted messages are relayed unwittingly by PC owners who set up software incorrectly or fail to secure their machines.

Spam represents one of the biggest threats to enterprise computing today, and the problem is only compounded by zombie computers, which hackers use to relay their unsolicited bulk e-mail. Zombies could even be lurking on your own network! Your computer could be a ‘spam zombie’, and this has become the new loophole: poorly guarded home computers.

A zombie computer is a computer attached to the Internet that has been compromised by a hacker, a computer virus, or a Trojan horse, and performs malicious tasks of one sort or another under the direction of the hacker. Many owners of zombie computers are unaware that their systems are zombies or that any hacker attack ever occurred.

Infected zombie computers — mostly Windows PCs — are now the major delivery method of spam. Zombies have been used extensively to send e-mail spam; 50% to 80% of all spam worldwide is now sent by zombie computers. This allows spammers to avoid detection of the source of spam, and presumably reduces their bandwidth costs, since the owners of zombies pay for their computers’ use of bandwidth. For similar reasons, zombies are also used to commit click fraud against sites displaying pay per click advertising.

Zombies have also conducted distributed denial of service attacks, such as the attack upon the Spam Prevention Early Warning System (SPEWS) service in 2003. A denial-of-service attack (also, DoS attack) is an attack on a computer system or network that causes a loss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the victim network or overloading the computational resources of the victim system.

Attacks can be directed at any network device, including routers and Web, electronic mail, and Domain Name System servers. In a distributed attack, the attacking computers are often personal computers with broadband connections to the Internet that have been compromised by viruses or Trojan horse programs. These allow the perpetrator to remotely control machines to direct the attack, and such an array of computers is called a botnet. With enough such slave or zombie hosts, the services of even the largest and most well-connected websites can be disrupted.
