Slashdot Mirror

← Back to Stories (view on slashdot.org)

Over a Million Zombie PCs

Posted by Zonk on from the daaaaataaaa dept.

Doyle writes "A BBC article discusses new research revealing that over 1 million computers have been compromised and are being used in bot nets. From the article: 'The largest network spied on by the team was made up of 50,000 hijacked home computers.'"

12 of 564 comments (clear)

  1. Anyone know... by gowen · · Score: 5, Insightful

    ... the breakdown of that million by operating system?

    You never know, it might be a nice bit of PR for some Apple/Linux/BSD organisation to casually slip into a Press Release.

    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
    1. Re:Anyone know... by Grishnakh · · Score: 4, Insightful

      The only way to get a blue screen in them is to have a bad driver that will affect the system at the kernel level.

      Even if this is true, you're seriously downplaying this problem. With Windows, in order to use your computer at all, you're probably going to have to install vendor-written drivers for something, because there are no community-maintained drivers as there are for OSS OSes. MS does include some basic drivers for very common hardware, but almost any computer will have at least something that will require a vendor driver. History has shown us that these vendor-written drivers have a very poor record, and are known to cause a lot of problems on Windows systems.

      This alone is a good reason to avoid Windows. What good is it as an OS if you can't add various hardware (scanners, cameras, wireless ethernet, etc.) without expecting it to suddenly become unstable?

      It doesn't matter how great Ford engines are if they keep sticking tread-separating Firestone tires on their vehicles.

  2. Re:Why arent governments proacting agaisnt these n by MatthewNewberg · · Score: 5, Insightful

    Governments?, What about ISPs? They are the ones having to pay for the added bandwitdh on both sides. I'm surprised most ISPs dont run IDS that can detect Zoombie Networks and automatically send emails to its infected customers. This will not only pay for itself by reducing bandwidth, but also make the customers more happy.

    --
    mnewberg.com
  3. Re:Hope by jayhawk88 · · Score: 4, Insightful

    Well this is 1 million zombie-infected PC's, which are infected with specific types of trojans and such and presumably are actively being used in bot-nets.

    I imagine there are quite a few more machines that are zombie infected that were not detected for whatever reason (turned off, firewalls, etc), plus all the millions of more machines that are "just" infected with viruses, spyware, or trojans that do not produce bot-net like activity.

  4. Re:Why not ISPs by ArsonSmith · · Score: 4, Insightful

    Yea, they had the ability to disconnect me until I cleaned up some p2p software I had running. I'd say this is much more important than a few TV episodes.

    --
    Paying taxes to buy civilization is like paying a hooker to buy love.
  5. Ethics be damned... by chill · · Score: 4, Insightful

    Time for someone to write a worm that forces an update from Windows Update; downloads a copy of SpyBot Search & Destroy, runs it and then turns on the firewall.

    -Charles

    --
    Learning HOW to think is more important than learning WHAT to think.
  6. I find it interesting... by suitepotato · · Score: 5, Insightful

    ...that all these botnets themselves seem to compromised that journalists and researchers can so easily get into them. If you're going to compromise other people's computers for whatever nefarious use, do you want your system itself wide open for someone to steal away from you or document your doings for law enforcement? The best back doors and holes are ones that no one sees until you're using them and it is too late.

    --
    If my grammar and spelling are off, I am [distracted/tired/careless] (take your pick)
  7. Re:Why not ISPs by eaolson · · Score: 5, Insightful
    Better yet, why don't ISPs disconnect them until they can demonstrate they've been cleaned up?

    Because it is not in the ISP's best (i.e. financial) interests to do so. Finding these machines, teaching users how to clean them up, and then reactivating their access would require a great deal of manpower and money. Since not doing it is consequence-free, there is no incentive to do it. It's like dealing with hazardous waste; it's difficult and expensive. Without some outside force compelling companies to dispose of it appropriately, they would deal with it the cheapest and easiest way possible. That is, dumping it on the rest of us, like these ISPs do.

  8. Re:Why not ISPs by BitwiseX · · Score: 5, Insightful

    They won't clean up, they will go to an ISP that doesn't care. I run a small ISP, I've called customers and informed them of these issues... nothing happens... threaten to cut them off... nothing happens... cut them off... they call angry say "Fine! Don't bother!" and a customer is lost. A customer lost, is a customer lost. Police != Profit unfortunately, and it's a fine line to walk.

  9. You've just described ... by tomhudson · · Score: 4, Insightful
    I think the whole idea is extremely intriguing. Once you have a system set up like that, capable of accepting commands.. you can do whatever you want without ever having a trail come back to you. Having a machine tell another machine tell another machine what to do.
    ... the next version of p2p software that the **AA will have one hell of a time trying to combat.

    Have your machine intentionally be part of the "zombies", and you get all the goodies, and look like a victim at the same time.

  10. Re:Why not ISPs by budgenator · · Score: 4, Insightful

    I'd just like to know why taskmanager says CPU utilization is over 50%, the hard disk is thrashing, and the network light is on constantly, but task manger only list 3 processes using 2%? Nothing shows up on virus scans, nothing shows up on spyware scans and half the time it quits as soon as I open taskmanager.
    At least in linux TOP shows you what process is sucking up the cycles, giving you a fighting chance. I'm not completely clueless, I've used windows since 3.11, cut my teeth on basic and dos batch scripts, installed Linux on a machine before win95 was released and still I know the wife's WinXP machine that's fully patched hardware and software firewalled is owned and can't find out how; what's Joe average going to do?

    --
    Apocalypse Cancelled, Sorry, No Ticket Refunds
  11. 10 Year Setback Sounds Great! by MooseByte · · Score: 4, Insightful

    "If Joe User were required to start by using Linux or BSD, it would set computing back 10 years."

    To a time before rampant SpambotNets and the DMCA. Sign me up! :-)