"I'd like to borrow your network.........."
Posted on 09/20/2004 5:30:58 AM PDT by Bloody Sam Roberts
More than 30,000 PCs per day are being recruited into secret networks that spread spam and viruses, a study shows.
Six months ago only 2,000 Windows machines per day were being recruited into these so-called bot nets.
Experts say the numbers are growing quickly because the remotely controlled networks are so useful to people who profit from hacking and virus writing.
The figures came to light in Symantec's biannual Internet Threat Report which traces trends in net security.
Hidden harm
Nigel Beighton, a member of Symantec's Threat Team, said the number of PCs being enrolled in these networks was the stand out statistic for the latest report which covers the first six months of 2004.
The peak of new recruits was 75,000 in one day.
This high watermark was hit when the creators of the MyDoom and Bagle viruses were conducting an online war that resulted in many different versions of their malicious programs being released.
Once created the networks of zombie PCs are used as anonymous relays for spam, to launch denial of service attacks on websites or simply to steal confidential information about a PC's owner.
Mr Beighton said the methods used to recruit PCs marked a significant change in the activity of virus writers and malicious hackers.
In the past many people wrote viruses to gain notoriety or "bragging rights" among their peers. Status in such groups revolved around the number of machines infected and how fast a virus spread.
However, said Mr Beighton, because the bot nets are being put to many outright criminal uses, the writers of the programs that create the networks are happy for their creations to stay out of the limelight.
"When you look at the statistics you see that the level of attacks continues about the same level," he said, "what has changed is how they are operating."
"We're seeing increased use of backdoors and worms written in technically accomplished ways so they do not give themselves away," he said.
Sneaky worm
The Sasser worm was a good example of this new trend, said Mr Beighton.
That virus did not spread particularly quickly, yet managed to find and recruit many thousands of machines.
What has also fuelled the rise of the bot nets is the willingness of virus writers to share their malicious code so it can be altered and re-used by others.
As a result there are now some viruses that are appearing in a bewildering number of guises. For instance there are now more than 200 varieties of the Gaobot worm.
Mr Beighton said that although many net service firms were working hard to find and clean up compromised machines, many thousands were still in place because they are not yet active or only activate infrequently.
It was too early to say whether Microsoft's SP2 update for Windows XP was going to make a difference to the numbers of PCs being recruited into bot nets.
"The key challenge for Microsoft is not XP users," said Mr Beighton, "it's the Windows 98 and 95 machines."
"Getting those people to upgrade and improve their security is going to make the difference," he said.
REPORT HIGHLIGHTS
"Grow hair!"
That's a good ad.
I got nailed with some weird active x program that sonehow bypassed my raised security settings in IE. I was inundated with Casino ads, porn links and several spyware apps that just about wrecked my pc....I moved to Firefox last week event hough I have tried FF when it was first introduced, its still not my preffered choice, but MS has some SERIOUS damage control it needs to do.
Although this isn't the same, its definately something to tell people who don't realize.
Who ever does the voice pf the horse did a great job....
sounds like Carlton the doorman...lol
I scanned my computer the other day and had 71 viruses/spyware on it.
My anti-virus software has helped me eliminate about half. Still working on about 30 of them.
LOL!
I heard there's data in there!
Can I borrow your data!
I've got about 4 different spyware scanners installed here. Running them at bootup and bootdown every night helps keep this malware/spyware under control.
I'm going to go look at the store today and buy one.
My wife has a PC, as do my parents, and we're on a daily battle against spyware, adware, viruses, and worms. As a Mac user, I try to be "aware" of what I download onto my computer, though there's really no significant threat to Macs....
I'm a software developer, and use both Macs and PCs at work. Never had any malicious software attack my Mac. Can't say the same about my PCs....
My guess was Adam Carolla...formerly of The Man Show.
Protect against spyware - SpywareBlaster from Javacool Software - free download
I use that along with SpyWare Guard which keeps an eye on new BHOs being added and Homepage changes. Both are freeware and are from Javacool Software.
first thing for every user in the universe would be to look for windows updates. XP users might think twice about downloading the new Service Patch 2 for a while - it has issues and takes a long time to download on a slow line, and makes a lot of config changes. All others (w98, win2K, etc) should all be updating with every critical update.
I use Ad-aware from www.lavasoftusa.com (free), Spybot search and destroy 1.3 from http://www.safer-networking.org/en/download/ (free), and spywareblaster, from http://www.javacoolsoftware.com/spywareblaster.html (free), and run them every day..always get the updates.
then, there are free online scans at web sites...besides your own antivirus, run the free scans at
www.antivirus.com, http://www.pandasoftware.com/activescan/com/activescan_principal.htm, and a few other sites.
Thanks for the info...
I wonder if they aren't some way to infect my computer and then use my email account to send spam, as I sometimes get spam sent from my email address! I've emailed verizon about it lots of times, but they don't respond with more than a form email.
Anybody know what these are?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.