Language Selection

English French German Italian Portuguese Spanish

An Army of Soulless 1's and 0's

Filed under
Security

For thousands of Internet users, the offer seemed all too alluring: revealing pictures of Jennifer Lopez, available at a mere click of the mouse. But the pictures never appeared. The offer was a ruse, and the click downloaded software code that turned the user's computer into a launching pad for Internet warfare.

On the instructions of a remote master, the software could deploy an army of commandeered computers - known as zombies - that simultaneously bombarded a target Web site with so many requests for pages that it would be impossible for others to gain access to the site.

And all for the sake of selling a few more sports jerseys.

The facts of the case, as given by law enforcement officials, may seem trivial: a small-time Internet merchant enlisting a fellow teenager, in exchange for some sneakers and a watch, to disable the sites of two rivals in the athletic jersey trade. But the method was far from rare.

Experts say hundreds of thousands of computers each week are being added to the ranks of zombies, infected with software that makes them susceptible to remote deployment for a variety of illicit purposes, from overwhelming a Web site with traffic - a so-called denial-of-service attack - to cracking complicated security codes. In most instances, the user of a zombie computer is never aware that it has been commandeered.

The networks of zombie computers are used for a variety of purposes, from attacking Web sites of companies and government agencies to generating huge batches of spam e-mail. In some cases, experts say, the spam messages are used by fraud artists, known as phishers, to try to trick computer users into giving confidential information, like bank-account passwords and Social Security numbers.

Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems. One case under investigation, officials say, may involve as many as 300,000 zombie computers.

More than 170,000 computers every day are being added to the ranks of zombies, according to Dmitri Alperovitch, a research engineer at CipherTrust, a company based in Georgia that sells products to make e-mail and messaging safer.

"What this points out is that even though critical infrastructure is fairly well secured, the real vulnerability of the Internet are those home users that are individually vulnerable and don't have the knowledge to protect themselves," Mr. Alperovitch said. "They pose a threat to all the rest of us."

Full Article.

More in Tux Machines

SUSE Linux Enterprise High Availability Extension

Historically, data replication has been available only piecemeal through proprietary vendors. In a quest to remediate history, SUSE and partner LINBIT announced a solution that promises to change the economics of data replication. The two companies' collaborative effort is the headliner in the updated SUSE Linux Enterprise High Availability Extension, which now includes LINBIT's integrated geo-clustering technology. Read more

Tizen and Android

Open source is mission critical for Europe’s air traffic

It is entirely possible to use open source in a highly regulated environment such as air traffic control, says Dr Gerolf Ziegenhain, Head of Linux Competence & Service Centre (LCSC) in Mainz (Germany). Open source service providers can shield an organisation from the wide variety of development processes in the open source community. Read more

today's leftovers

  • DRM display resource leasing (kernel side)
    So, you've got a fine head-mounted display and want to explore the delights of virtual reality. Right now, on Linux, that means getting the window system to cooperate because the window system is the DRM master and holds sole access to all display resources. So, you plug in your device, play with RandR to get it displaying bits from the window system and then carefully configure your VR application to use the whole monitor area and hope that the desktop will actually grant you the boon of page flipping so that you will get reasonable performance and maybe not even experience tearing. Results so far have been mixed, and depend on a lot of pieces working in ways that aren't exactly how they were designed to work.
  • GUADEC accommodation
    At this year’s GUADEC in Manchester we have rooms available for you right at the venue in lovely modern student townhouses. As I write this there are still some available to book along with your registration. In a couple of days we have to a final numbers to the University for how many rooms we want, so it would help us out if all the folk who want a room there could register and book one now if you haven’t already done so! We’ll have some available for later booking but we have to pay up front for them now so we can’t reserve too many.
  • Kickstarter for Niryo One, open source 6-axis 3D printed robotic arm, doubles campaign goal
    A Kickstarter campaign for the Niryo One, an open source 3D printed 6-axis robotic arm, has more than doubled its €20,000 target after just a couple of days. The 3D printed robot is powered by Arduino, Raspberry Pi, and Robot Operating System.
  • Linux Action Show to End Eleven Year Run at LFNW
    Jupiter Broadcasting’s long-running podcast, Linux Action Show, will soon be signing off the air…er, fiber cable, for the last time. The show first streamed on June 10, 2006 and was hosted by “Linux Tycoon” Bryan Lunduke and Jupiter Broadcasting founder Chris Fisher. Lunduke left the show in 2012, replaced by Matt Hartley, who served as co-host for about three years. The show is currently hosted by Fisher and Noah Chelliah, president of Altispeed, an open source technology company located in Grand Forks, North Dakota.