Europe Home to Majority of Zombies
Rei writes "According to a recent CipherTrust study, the majority of Zombie PCs reside not in the US or China, but in Europe. Of the European zombies, 2/3 were either in Germany, France, or Britain. The results were released with the announcement of CipherTrust's new ZombieMeter. As a response to previous reports of high zombie activity, the London Action Plan launched Operation Spam Zombies in cooperation with numerous governments around the world."
... as to where the evil clerics are.
This has been obvious to me ever since Wolfenstein 3D almost 14 years ago.
I expected something like this might happen some day, but I'm ready, thanks to this. Bring it on!
Top 10 includes the US at 28.5%. No EU country is in the top ten list. "during the first three weeks of May, approximately 26% of daily new zombies originated in the European Union, including 6%, 5% and 3% of new zombies originated in Germany, France and the United Kingdom, respectively." That's NEW zombies. The EU share of zombies is increasing, but it isn't the major source (yet).
How do you know they weren't patched? Patching doesn't really help you when the user runs the executable attachment they got in their email, or installs something shiny they found on the web.
Back in the 1990s, Spam was a big problem. The problem was that a number of ISPs would ignore Spam complaints, or would even encourage spammers to be on their networks. Once enough ISPs refused to listen to complaints, Paul Vixie started the Realtime Blackhole List, which would allow people to find out if a given IP was blacklisted, and refuse to receive email from a blacklisted IP.
I worked at Netcom when we ended up on the RBL. We did not have strong Spam protection; for example, our credit card verifier did not contact the credit card company before giving someone internet access. Even after being placed on the RBL, management was unwilling to expend the resources needed to stop our Spam problem; they thought the RBL would just go away. Meanwhile, the number of people calling or emailing technical support because they could not send mail doubled (I helped make some graphs showing the increase in emails to tech support to convince management that this was a real problem). It took months for management to wake up, smell the coffee, and make it harder for spammers to get throw-away accounts on Netcom's network.
(For NANOG regulars at the time: It was I who wrote the "Keman-bot")
A similar list needs to be set up; if a given ISP has zombies and does not cut off said zombies from the internet, the ISP needs to be blacklisted RBL style. Maybe then management will do something about the zombie problem--such as cutting off zombie machines from the internet (redirecting all HTTP queries to a "You're a zombie so we cut you off" page, for example).
Everybody knows '28 Days Later' started out as a warning about the dangers of spam.
What we need is for Postfix to have a built-in ability to report IP addresses to which it responds "take a flying leap", once per day, and for the top 1,000 of those IP addresses to be included in a report.
As a safety measure, the IP address has to be reported by X number or percent of the participating Postfix hosts to be considered valid.
Any IP address is added for a short period of time, say 72 hours, so if it's a machine that is hacked and quickly fixed the IP isn't blacklisted forever.
It seems like a distributed, real-time system like this would be effective.
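The aggregation proposed in the comment above, sketched as an added example (not code from Postfix, which has no such feature, nor from the poster). The `SharedBlocklist` class, the report format and the host names are hypothetical, and restarting the 72-hour clock on a fresh quorum is an assumption.

```python
from collections import defaultdict
from datetime import datetime, timedelta, timezone

TTL = timedelta(hours=72)  # listing lifetime suggested in the comment
TOP_N = 1000               # size of each host's daily report


class SharedBlocklist:
    """Hypothetical aggregator; not a Postfix feature."""

    def __init__(self, min_reporters, ttl=TTL):
        self.min_reporters = min_reporters  # the comment's "X number" of hosts
        self.ttl = ttl
        self.expires = {}  # ip -> datetime at which the listing lapses

    def ingest_day(self, reports, now):
        """reports maps host id -> {ip: rejections that day}."""
        reporters = defaultdict(set)
        for host, counts in reports.items():
            top = sorted(counts, key=counts.get, reverse=True)[:TOP_N]
            for ip in top:
                reporters[ip].add(host)  # a host counts once per IP
        for ip, hosts in reporters.items():
            if len(hosts) >= self.min_reporters:
                # Assumption: a fresh quorum restarts the 72-hour clock.
                self.expires[ip] = now + self.ttl

    def is_listed(self, ip, now):
        expiry = self.expires.get(ip)
        if expiry is None:
            return False
        if now >= expiry:
            del self.expires[ip]  # lapsed: a cleaned-up machine drops off
            return False
        return True


# Constructed sample reports (documentation-range addresses).
DAY1 = {
    "mx1.example": {"192.0.2.10": 40, "198.51.100.7": 3},
    "mx2.example": {"192.0.2.10": 12},
    "mx3.example": {"203.0.113.5": 90},
}

if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, tzinfo=timezone.utc)  # constructed timestamp
    bl = SharedBlocklist(min_reporters=2)
    bl.ingest_day(DAY1, t0)
    for ip in ("192.0.2.10", "203.0.113.5"):
        print(ip, bl.is_listed(ip, t0 + timedelta(hours=1)))
```

Counting distinct reporting hosts rather than raw rejections is what keeps one noisy or misconfigured participant from listing an address on its own.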
Man. If you could go back in time to 1980 and tell everyone that in 25 years, European governments would be spearheading an initiative called "Operation Spam Zombies", and that this name was not in any way meant to be humorous, the looks on people's faces would be priceless.