10/27/2005

Microsoft Fights Zombies

Filed under: — By Aviran Mordo @ 2:44 pm

In less than three weeks, this single zombie received 5 million connection requests from spammers and 18 million spam messages advertising more than 13,000 individual Web sites.

Unlike the zombies of B-movie imagination, which are easily identifiable by their typically gruesome appearance and menacing groans, zombie computers are silent stalkers. People who use the Internet may never know that their computers have been compromised and turned into a conduit for sending millions of pieces of illegal spam or facilitating other illegal activity. More than half of all spam is sent through infected computers, according to industry reports.

To combat the zombie threat, Microsoft today revealed some of the technological and legal maneuvers it has used to unmask the individuals using several zombies to send spam. Microsoft investigators intentionally created a zombie computer, quarantined it to prevent it from actually sending spam messages, then carefully watched it for 20 days while investigators tracked and traced all Internet communications through the infected computer.

The statistics the investigators compiled were staggering. In less than three weeks, this single zombie received 5 million connection requests from spammers and 18 million spam messages advertising more than 13,000 individual Web sites. Evidence gathered in this exercise contributed to a lawsuit that has now identified 13 different spamming operations.

鈥淭he widespread use of zombie computers to commit crimes over the Internet presents a very real danger to law-abiding computer users,鈥? said Tim Cranton, director of Internet Safety Enforcement Programs at Microsoft. 鈥淭his is precisely why Microsoft initiated this investigation into zombies and took legal action. As a result, we have identified more than a dozen spamming operations exploiting zombie networks to send millions of illegal spam messages. We will continue our investigations and will maintain a steady, concerted effort to identify and target criminals to help make the Internet safer.鈥?

The FTC, a federal consumer-protection agency on the forefront of the fight against cybercrime, has also intensified its efforts against zombies. Its 鈥淥peration Spam Zombies鈥? with 35 government partners from more than 20 countries encourages Internet service providers (ISPs) to take zombie-prevention measures. The goal is to identify spam zombies and urge the providers that are hosting them to implement corrective measures. This month the FTC also launched OnGuardOnline.gov, a Web site that provides tips, articles and videos for computer users to help protect themselves and their information from online threats.

Internet users should follow these steps to prevent their computers from becoming zombies:

  • Use a firewall to help protect their computer from hacking attacks while it is connected to the Internet
  • Get computer security updates or use the Automatic Updates feature to help shield their computer from viruses, worms and other threats
  • Use up-to-date anti-virus software to help protect themselves from new threats
  • Get anti-spyware software, and beware of trickery to get them to download and install unwanted and sometimes destructive software, such as music or file-sharing programs and free games
  • Be cautious about opening any attachment or downloading files, and never open attachments from people they do not know

Computer users can find more online tips to better protect their computers at the FTC鈥檚 Web site and at Microsoft’s Security At Home Web site.

 

Leave a Reply

You must have Javascript enabled in order to submit comments.

All fields are optional (except comment).
Some comments may be held for moderation (depends on spam filter) and not show up immediately.
Links will automatically get rel="nofollow" attribute to deter spammers.

Powered by WordPress