Advertisement

Botnets, the rogue invaders of cyberspace

Reading Time:3 minutes
Why you can trust SCMP
0

These viruses can cripple business competitors and generate spam e-mail and host sites that extract financial information from the unsuspecting

ANTI-VIRUS SOFTWARE vendors regularly sound the alarm as new viruses or new variants of old viruses are released. One of last week's highlights was two waves of e-mails bearing multiple fresh versions of the Bagle Trojan horse.

Launched on consecutive days by an unknown attacker, these latest versions of the Bagel Trojan Horse attempt to turn off anti-virus and security software, block access to security websites, and remove rival malicious codes from the PCs that they have penetrated when unsuspecting victims open an executable attached to the spammed e-mail.

According to anti-virus vendor Sophos, the attacks started about the same time on Monday and Tuesday last week and lasted for several hours on each occasion, attempting to infect as many PCs as possible around the world.

These kinds of sophisticated attacks represent the sharp end of a growing illicit trade in botnets - networks of compromised or zombie computers that, unknown to their owners, are under the control of hackers and up for hire to perform nefarious tasks.

Botnets can be created through both Trojan Horses, namely malicious code disguised as harmless executable files, and worms, or mass-mailing viruses, by leaving a bot on a compromised computer. The bot stands ready to respond to commands from the attacker through an IRC (Internet Relay Chat) server. Once in the system, the bot may also start searching for other PCs to compromise and expand the network.

'These are often used to send spam, launch new virus campaigns, spy on others or launch denial-of-service attacks,' said Charles Cousins, managing director, Sophos Asia. Mr Cousins said his company estimated that more than 50 per cent - a conservative figure - of all spam today originated from zombie computers.

Advertisement