Language Selection

English French German Italian Portuguese Spanish

An Army of Soulless 1's and 0's

Filed under
Security

For thousands of Internet users, the offer seemed all too alluring: revealing pictures of Jennifer Lopez, available at a mere click of the mouse. But the pictures never appeared. The offer was a ruse, and the click downloaded software code that turned the user's computer into a launching pad for Internet warfare.

On the instructions of a remote master, the software could deploy an army of commandeered computers - known as zombies - that simultaneously bombarded a target Web site with so many requests for pages that it would be impossible for others to gain access to the site.

And all for the sake of selling a few more sports jerseys.

The facts of the case, as given by law enforcement officials, may seem trivial: a small-time Internet merchant enlisting a fellow teenager, in exchange for some sneakers and a watch, to disable the sites of two rivals in the athletic jersey trade. But the method was far from rare.

Experts say hundreds of thousands of computers each week are being added to the ranks of zombies, infected with software that makes them susceptible to remote deployment for a variety of illicit purposes, from overwhelming a Web site with traffic - a so-called denial-of-service attack - to cracking complicated security codes. In most instances, the user of a zombie computer is never aware that it has been commandeered.

The networks of zombie computers are used for a variety of purposes, from attacking Web sites of companies and government agencies to generating huge batches of spam e-mail. In some cases, experts say, the spam messages are used by fraud artists, known as phishers, to try to trick computer users into giving confidential information, like bank-account passwords and Social Security numbers.

Officials at the F.B.I. and the Justice Department say their inquiries on the zombie networks are exposing serious vulnerabilities in the Internet that could be exploited more widely by saboteurs to bring down Web sites or online messaging systems. One case under investigation, officials say, may involve as many as 300,000 zombie computers.

More than 170,000 computers every day are being added to the ranks of zombies, according to Dmitri Alperovitch, a research engineer at CipherTrust, a company based in Georgia that sells products to make e-mail and messaging safer.

"What this points out is that even though critical infrastructure is fairly well secured, the real vulnerability of the Internet are those home users that are individually vulnerable and don't have the knowledge to protect themselves," Mr. Alperovitch said. "They pose a threat to all the rest of us."

Full Article.

More in Tux Machines

University fuels NextCloud's improved monitoring

Encouraged by a potential customer - a large, German university - the German start-up company NextCloud has improved the resource monitoring capabilities of its eponymous cloud services solution, which it makes available as open source software. The improved monitoring should help users scale their implementation, decide how to balance work loads and alerting them to potential capacity issues. NextCloud’s monitoring capabilities can easily be combined with OpenNMS, an open source network monitoring and management solution. Read more

Linux Kernel Developers on 25 Years of Linux

One of the key accomplishments of Linux over the past 25 years has been the “professionalization” of open source. What started as a small passion project for creator Linus Torvalds in 1991, now runs most of modern society -- creating billions of dollars in economic value and bringing companies from diverse industries across the world to work on the technology together. Hundreds of companies employ thousands of developers to contribute code to the Linux kernel. It’s a common codebase that they have built diverse products and businesses on and that they therefore have a vested interest in maintaining and improving over the long term. The legacy of Linux, in other words, is a whole new way of doing business that’s based on collaboration, said Jim Zemlin, Executive Director of The Linux Foundation said this week in his keynote at LinuxCon in Toronto. Read more

Car manufacturers cooperate to build the car of the future

Automotive Grade Linux (AGL) is a project of the Linux Foundation dedicated to creating open source software solutions for the automobile industry. It also leverages the ten billion dollar investment in the Linux kernel. The work of the AGL project enables software developers to keep pace with the demands of customers and manufacturers in this rapidly changing space, while encouraging collaboration. Walt Miner is the community manager for Automotive Grade Linux, and he spoke at LinuxCon in Toronto recently on how Automotive Grade Linux is changing the way automotive manufacturers develop software. He worked for Motorola Automotive, Continental Automotive, and Montevista Automotive program, and saw lots of original equipment manufacturers (OEMs) like Ford, Honda, Jaguar Land Rover, Mazda, Mitsubishi, Nissan, Subaru and Toyota in action over the years. Read more

Torvalds at LinuxCon: The Highlights and the Lowlights

On Wednesday, when Linus Torvalds was interviewed as the opening keynote of the day at LinuxCon 2016, Linux was a day short of its 25th birthday. Interviewer Dirk Hohndel of VMware pointed out that in the famous announcement of the operating system posted by Torvalds 25 years earlier, he had said that the OS “wasn’t portable,” yet today it supports more hardware architectures than any other operating system. Torvalds also wrote, “it probably never will support anything other than AT-harddisks.” Read more