Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Zombies"

From NetSec
Jump to: navigation, search
Line 1: Line 1:
{{cleanup}}
+
{{InUse}}
{{expand}}
+
 
 
== Definition ==
 
== Definition ==
  
Line 11: Line 11:
 
== Types of Attacks ==
 
== Types of Attacks ==
  
There are many ways a malicious hacker can benefit from a botnet. Botnets are commonly used to send spam e-mail, commit pay-per-click fraud, and launch distributed [http://www.blackhatacademy.org/security101/DDoS_Attacks denial-of-service attacks].
+
There are many ways a malicious hacker can benefit from a botnet. Botnets are commonly used to send spam e-mail, commit pay-per-click fraud, and launch distributed [http://www.blackhatacademy.org/security101/DDoS_Attacks denial-of-service attacks]. Other types of attacks include:
 +
 
 +
* Advertising Adware by replacing regular advertisements on websites with malicious adware advertisements
 +
* Advertising scareware and, basically, holding a zombie computer at ransom
 +
* Harvesting information, such as, passwords, user names, and banking information, via spyware, to send back to the bot herder.
 +
* Fast flux - a technique that utilizes the zombies as proxy servers to host malicious websites and advertise malware/spyware.
 +
* Brute-forcing machines via various services, such as, FTP, SMTP, and SSH
 +
* Password/Hash-Cracking
 +
* Infect other hosts
 +
* Commit voting fraud on website polls or fill a poker table at an online casino.
 +
 
 +
== Staying Safe ==
 +
 
 +
Due to the mass amount of IP addresses, botnets can be difficult to defend against, especially when under a denial-of-service attack.

Revision as of 14:24, 12 March 2012

Template:InUse

Definition

A zombie computer, often referred to as a zombie, is a computer that is connected to the Internet and has been compromised by a hacker, worm, trojan, or some other form of malware. Zombies are typically only one of many other infected computers in the zombie "horde," also known as a "botnet." These infected computers execute commands that are issued remotely from a botnet command & control server to perform malicious tasks. Most of the time, users of these zombie computers are unaware that their system is compromised and may be linked to illegal activities, hence the metaphor of a brain-dead zombie.

Exploitation

Computers are compromised by bot herders via various methods, such as, drive-by browser exploits or tricking the user into running a malformed program. However, like anything in the hacker world, there is no general rule for how one is infected. Botnets are typically controlled via IRC, however, they have also been controlled via Instant Message and Twitter. The most common place for these infected programs is in the "warez" scene.

Types of Attacks

There are many ways a malicious hacker can benefit from a botnet. Botnets are commonly used to send spam e-mail, commit pay-per-click fraud, and launch distributed denial-of-service attacks. Other types of attacks include:

  • Advertising Adware by replacing regular advertisements on websites with malicious adware advertisements
  • Advertising scareware and, basically, holding a zombie computer at ransom
  • Harvesting information, such as, passwords, user names, and banking information, via spyware, to send back to the bot herder.
  • Fast flux - a technique that utilizes the zombies as proxy servers to host malicious websites and advertise malware/spyware.
  • Brute-forcing machines via various services, such as, FTP, SMTP, and SSH
  • Password/Hash-Cracking
  • Infect other hosts
  • Commit voting fraud on website polls or fill a poker table at an online casino.

Staying Safe

Due to the mass amount of IP addresses, botnets can be difficult to defend against, especially when under a denial-of-service attack.