Night of the living computers
By Noa Bar Yosef, Senior Security Analyst, Imperva | Oct 29, 2010
As Halloween looms, zombies worm their way into our consciousness once more. But these days your traditional zombie has a rival – not exactly a clone, but a modern version with equally nasty habits.
Where the original zombie was said to be typically a reanimated corpse or a human being controlled by someone else by use of magic, today’s computer version is controlled by cyber criminals who are usually after your bank, social network or webmail credentials.
Traditional zombies originated in the West African spiritual belief system of voodoo, and became a popular device in modern horror fiction, largely because of the successful 1968 film Night of the Living Dead.
Four decades later, we are still fighting zombies. The computer variety connects to the Internet after an innocent user’s PC has been compromised by a hacker, computer virus or malicious software called a trojan. Usually, a compromised machine is one of many in a botnet, which will be used to perform malicious tasks of one sort or another under remote direction.
Most zombie-infected computer owners are unaware that their system is being used in this way. This lack of awareness is why such computers are compared to traditional zombies.
The modern zombies have been growing in strength and power in recent times. The bad news for their victims is that today's industrialised hackers are dispelling two zombie myths: (1) zombies are uncoordinated, and (2) zombies are slow.
With just a few clicks, a hacker can issue command-and-control (C&C) instructions to waken a group of zombies. This group then becomes part of the attacker's ‘botnet’ – a cyber-army under his/her control. The attacker then issues different C&C instructions to the botnet to perform the required cyber-attack.
A major goal of these botnets is to probe Web application vulnerabilities and extract valuable data, such as:
- Banking credentials to gain access to a victim's online banking system.
- Social network credentials to hijack a victim's profile, scrape their friend list and send out spam.
- Webmail account credentials to gain personal information on the individual for spear-phishing.
The bottom line is, beware of zombies because today's sophisticated hackers can conduct fully muscular attack campaigns, using a corporate ‘dashboard’ detailing attack movements and advancements, within an hour!
How do you fight a computer zombie? To avoid being the next victim, use common sense. If a link seems too good, don't click. Update your computer with the latest patches, and ensure your anti-virus software is always enabled and up-to-date.
So, safe computing for Halloween, plus the rest of the year. And watch out for those ‘real’ zombies!