28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- From: "gimme_this_gimme_that@xxxxxxxxx" <gimme_this_gimme_that@xxxxxxxxx>
- Date: Mon, 08 Oct 2007 20:57:25 -0700
So much for all the fabrication that Vista is the most secure OS ever
and that XP SP2 is pretty good:
http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2007/10/08/BUHRSL4CF.DTL&hw=Bots&sn=001&sc=1000
Get Quote:
Symbol Lookup
Main Business & Finance Page: Stock quotes, portfolio, funds and
more...
Small Business Center: A new resource for small businesses. Get expert
advice, forms and more.
SFGate Technology: It's a high-tech world - - we just plug you into
it...
Computer scientists in Menlo Park are releasing a free diagnostic
program today to help network administrators find PCs infected with an
insidious new type of virus that has already tainted millions of
computers and used them to generate billions of spam e-mails.
Since this malicious program, variously called Peacomm or the Storm
Worm, appeared in January, it has infected upward of a million PCs,
each capable of sending out about 28,000 spam e-mails a day, according
to Phil Porras and Vinod Yegneswaran, computer scientists at SRI
International in Menlo Park, the nonprofit think tank that is
releasing the newest version of its BotHunter tool.
A botnet is the nickname given to illicit computer networks created by
malicious hackers who write a type of program called malware. Once the
malware gets onto a PC, it hides and creates a sort of electronic
alter ego that surfs or otherwise connects to the Internet - without
the knowledge or involvement of the PC's human owner.
These infected PCs are called zombies because they take orders from
afar, and what makes Peacomm such a particular annoyance is that it
uses infected PCs to send out spam e-mails, which not only annoy
recipients but slow down the infected PC in subtle ways that may
escape the attention of the owner, Porras said.
Peacomm also uses some new tricks to cloak the Internet server, or
mother ship that controls its vast network of zombies. Porras said
this has helped it grow, because the current bot-killing strategy -
trace commands back to server and take it off the Internet - has not
worked because the mother ship has so far been able to conceal its
location.
So the new SRI tool tries to attack the problem from the other end, by
giving network administrators at corporations, schools and other
institutions the ability to find infected computers on their networks
and take steps to cleanse them, Porras said.
But the tool is not intended for use by consumers who get their high-
speed connection from Internet service provider such as Comcast or
AT&T. Instead, it would be up to the ISPs to download this tool, or
use some other means to find Peacomm-infected PCs, said Johannes
Ullrich, chief research officer for the Internet Storm Center, a
network security organization.
But even if an ISP finds Peacomm-infected zombies in its network,
there is no cheap or easy way for the company to fix the consumer's
problem, Ullrich said.
"When the user calls in, it costs about $50 and wipes out one year of
profit from that customer," Ullrich said.
Not surprisingly, the Bay Area's big ISPs, Comcast and AT&T, were
eager to point consumers to their Web sites and suggest that all the
protections and answers were to be found there.
Comcast spokesman Andrew Johnson said all of the company's Internet
subscribers have access to a free copy of the McAfee anti-virus
program that, he said, could detect and defeat Peacomm. AT&T Spokesman
John Britton pointed consumers to a similar set of online protections
available through its alliance with Yahoo.
Ben Greenbaum, senior research manager for Symantec, another security
program vendor, said his company's anti-virus tools can also detect
and defeat Peacomm.
But the SRI researchers who put out the BotHunter tool say this
particular malware changes itself so often that they fear anti-virus
tools may be falling behind, which put more onus on network
administrators - whether they run a corporate net or an Internet
service community - to scour their networks for Peacomm.
"This is very close to a vaccine," said Rick Wesson, an Internet
security expert with Support Intelligence in San Francisco.
How to keep your PC bot-free
The new SRI tool is designed to be used by network administrators, who
can download it for free at www.cyber-ta.org/BotHunter.
Here are some simple ways for individual users to safeguard home PCs
against bots that turn them into remotely controlled zombies.
-- Never open an e-mail message from an unknown sender.
-- Install and regularly run an anti-virus program.
-- Turn on the firewall in your Windows PC and consider installing a
hardware firewall as well.
-- Comcast customers with security questions can visit www.comcast.net/security.
-- AT&T customers with security questions can visit
onlineprotection.yahoo.com/sbc.
.
- Follow-Ups:
- Re: 28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- From: Steve de Mena
- Re: 28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- From: ed
- Re: 28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- From: Tim Murray
- Re: 28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- From: gimme_this_gimme_that@xxxxxxxxx
- Re: 28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- Prev by Date: Re: Apple and Dell:Business Models
- Next by Date: Re: apple inovation at customer expense
- Previous by thread: Could it be rue?
- Next by thread: Re: 28000 spam emails from each infected PC. Since January 2007 BILLIONS of spam messages
- Index(es):
Relevant Pages
|
