Friday, June 15, 2007

Computers of the living dead—UPDATED IMPORTANTLY

The FBI celebrates a zombie jamboree--About a million of you are about to be contacted by the FBI. No, you haven't done anything wrong, but your computer has been really, really bad. You can't much blame it; truth be told, it was taken over by zombies. You may know them as bots.

According to the FBI, the bots are "a growing threat to national security." This should be taken with several grains of salt since everything is "a growing threat to national security" to the FBI, and because we all know how wonderfully competent the agency is. We might also mention that the FBI uses computer technology from the 1970s. Their department is run by Alberto Gonzales. Never mind....

Bots, or zombies, are malicious programs that usually ride in as an e-mail attachment or on a web page. They essentially take over your computer. In most cases, you have no idea what your computer is doing when you aren't on it; in fact, you have no idea what it is doing when you are on it unless you know where to look. The evil doers (bot-herders) hook your computer up to other computers whose souls have been stolen into a zombie network (bot-nets) and use the network to transmit spam, spread spyware, or hide illegal content, including pornography or pirated movies, or databases they don't want anyone else to find. You could be sitting there like a good citizen, minding your own business, while your computer is grinding out thousands of messages from Nigeria promising unheard-of wealth, or Viagra from Bosnia. The bot-nets could involve tens of thousands of computers. In a program called Operation Bot Roast (well, someone there has a sense of humor), the FBI has been able to identify 1 million computers that have been compromised. Several of the evil doers have been arrested, including Alan Soloway, one of the kings of spam, who sent his bots or zombies off to dispatch millions of pieces of spam. Some of these guys establish their bot-nets and sell them to the highest bidder.

If you find you are infected, the FBI says, don't call them. They can't help. You can get software to save your machine or hire a professional.

How do you know your computer is a zombie? It may slow down for no clear reason, much as losing weight for unexplained reasons can hint that you have cancer. Your mail may contain lots of messages in the "sent" basket that you didn't send. You may also get rude messages insisting you are sending spam when you are a good and honorable person who wouldn't dream of such a thing.

How can you prevent it, you may ask? First and foremost, never open an attachment in your mail unless you know who sent it and what is in it. Chuck it in the trash basket. The chances of you losing something important are minimal. If you have a firewall, keep it on. If you have anti-virus software, keep it up to date. Install anti-spyware software. Keep your operating system current. Turn your computer off at night.

Or, (God, he's SO smug) get a Mac and stop worrying about all that crap. There has never been a single incident of a Mac being taken over.

UPDATE: Want to know how it's done? Read this from John Murrell's Good Morning Silicon Valley:
Making the rounds now is an e-mail bearing the subject line "Microsoft Security Bulletin MS07-0065" that describes a new vulnerability in Microsoft Outlook and provides a link to a patch. Don't click it. Instead of being directed to a Microsoft site, your computer will be steered to a compromised server where it will be vigorously encouraged to enlist in a zombie army.

"Security bulletins from Microsoft describing vulnerabilities in their software are a common occurrence, and so it's not a surprise to see hackers adopting this kind of disguise in their attempt to infect Windows PCs," said Graham Cluley, senior technology consultant for security outfit Sophos. "The irony is that as awareness of computer security issues has risen, and the need for patching against vulnerabilities, so social engineering tricks which pose as critical software fixes are likely to succeed in conning the public. By using people's real names, the Microsoft logo, and legitimate-sounding wording, the hackers are attempting to fool more people into stepping blindly into their bear-trap."

Just remember -- Microsoft never sends security alerts or patches by e-mail.