
Zombies

From NetSec
Revision as of 15:24, 12 March 2012 by Jina24Dwdevgca (Talk | contribs)


Definition

A zombie computer, often referred to simply as a zombie, is a computer that is connected to the Internet and has been compromised by a hacker, worm, trojan, or some other form of malware. A zombie is typically only one of many infected computers in the zombie "horde," also known as a "botnet." These infected computers execute commands issued remotely from a botnet command & control server to perform malicious tasks. Most of the time, users of these zombie computers are unaware that their system is compromised and may be linked to illegal activities, hence the metaphor of a brain-dead zombie.

Exploitation

Bot herders compromise computers via various methods, such as drive-by browser exploits or tricking the user into running a malicious program. However, like anything in the hacker world, there is no general rule for how one is infected. Botnets are typically controlled via IRC; however, they have also been controlled via instant message and Twitter. The most common place for these infected programs is the "warez" scene.

Types of Attacks

There are many ways a malicious hacker can benefit from a botnet. Botnets are commonly used to send spam e-mail, commit pay-per-click fraud, and launch distributed denial-of-service attacks. Other types of attacks include:

  • Advertising adware by replacing regular advertisements on websites with malicious adware advertisements
  • Advertising scareware and, basically, holding a zombie computer at ransom
  • Harvesting information, such as passwords, user names, and banking information, via spyware, to send back to the bot herder
  • Fast flux - a technique that utilizes the zombies as proxy servers to host malicious websites and advertise malware/spyware
  • Brute-forcing machines via various services, such as FTP, SMTP, and SSH
  • Password/hash cracking
  • Infecting other hosts
  • Committing voting fraud on website polls or filling a poker table at an online casino

Staying Safe

Because of the sheer number of IP addresses involved, botnets can be difficult to defend against, especially when under a denial-of-service attack.
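
The same difficulty shows up in failed-login data: a per-IP threshold misses an SSH brute-force run spread across many zombies, while counting distinct sources per targeted account catches it. The following is an added example, not part of the original article; the log lines are constructed in OpenSSH sshd format, and the function names, thresholds and year are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

FAILED = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?(\S+) from (\S+) port")

def _line(sec, user, ip):
    return (f"Mar 12 15:24:{sec:02d} gw sshd[4242]: "
            f"Failed password for {user} from {ip} port 50000 ssh2")

# Constructed sample: one noisy host, six zombies trying root once each, one typo.
SAMPLE_LOG = "\n".join(
    [_line(s, "admin", "203.0.113.7") for s in range(6)]
    + [_line(10 + s, "root", f"192.0.2.{s + 1}") for s in range(6)]
    + [_line(30, "alice", "198.51.100.20")])

def parse(log, year=2012):  # syslog omits the year; 2012 is an assumption
    """Yield (time, user, source_ip) for each failed SSH password attempt."""
    for line in log.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            yield ts, m.group(2), m.group(3)

def per_ip_alerts(events, limit=5):
    """Per-source rule: flag any single IP with at least `limit` failures."""
    counts = defaultdict(int)
    for _, _, ip in events:
        counts[ip] += 1
    return sorted(ip for ip, n in counts.items() if n >= limit)

def distributed_alerts(events, min_sources=4, window=timedelta(minutes=5)):
    """Per-account rule: flag users hit by many distinct IPs within one window."""
    by_user = defaultdict(list)
    for ts, user, ip in events:
        by_user[user].append((ts, ip))
    flagged = {}
    for user, hits in by_user.items():
        hits.sort()
        for i, (start, _) in enumerate(hits):
            sources = {ip for ts, ip in hits[i:] if ts - start <= window}
            if len(sources) >= min_sources:
                flagged[user] = max(len(sources), flagged.get(user, 0))
    return flagged

if __name__ == "__main__":
    events = list(parse(SAMPLE_LOG))
    print(per_ip_alerts(events), distributed_alerts(events))
```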