Malware zombie

A zombie is a computer that has been implanted with a daemon that puts it under the control of a malicious hacker without the knowledge of the computer owner. Zombies are used by malicious hackers to launch DoS attacks. The hacker sends commands to the zombie through an open port. On command, the zombie computer sends an enormous number of packets of useless information to a targeted Web site in order to clog the site’s routers and keep legitimate users from gaining access to the site.

The traffic sent to the Web site is confusing, so the computer receiving the data spends time and resources trying to understand the influx of data that has been transmitted by the zombies. Compared to programs such as viruses or worms that can eradicate or steal information, zombies are relatively benign, as they temporarily cripple Web sites by flooding them with information and do not compromise the site’s data. Prominent sites such as Yahoo!, Amazon and CNN.com were first brought down in 2000 by zombie DoS attacks.

Zombies are also referred to as zombie ants. The term zombie is also used to describe a process that is doing nothing but using system resources. This often occurs when a process is abandoned by a previously running program. It can also mean a computer that is maliciously set up to do the work of another program or user. A zombie computer is often a computer or server that is compromised to help a malicious user perform a Denial of Service (DoS) or DDoS attack.

In computing, a zombie is a computer connected to the Internet that has been compromised by a hacker, computer virus or trojan horse program and can be used to perform malicious tasks of one sort or another under remote direction. Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service attacks (DOS attacks). Most owners of “zombie” computers are unaware that their system is being used in this way. Because the owner tends to be unaware, these computers are metaphorically compared to fictional zombies. A coordinated DDoS attack by multiple botnet machines also resembles a “zombie horde attack”, as depicted in fictional zombie films.

A zombie (also known as a bot) is a computer that a remote attacker has accessed and set up to forward transmissions (including spam and viruses) to other computers on the Internet. The purpose is usually either financial gain or malice. Attackers typically exploit multiple computers to create a botnet, also known as a zombie army. Typically, a zombie is a home-based PC whose owner is unaware that the computer is being exploited by an external party. The increasing prevalence of high-speed connections makes home computers appealing targets for attack. Inadequate security measures make access relatively easy for an attacker. For example, if an Internet port has been left open, a small Trojan horse program can be left there for future activation.

What does Zombie Network mean?

A zombie network is a network or collection of compromised computers or hosts that are connected to the Internet. A compromised computer becomes a zombie that is wirelessly controlled through standards-based networking protocols like HTTP and Internet Relay Chat (IRC). A zombie network is also known as a botnet.

Zombie PC:

A zombie PC is a computer that carries out actions under remote control, without the actual user intending this to happen. This manipulation can be the result of a drive-by download, where the user unwittingly downloads malware. If a backdoor gets onto the computer in this way, criminals can use it to infiltrate the system and remotely control the PC. Because of the uncanny parallels between the undead in Hollywood films who have no will of their own and remotely-controlled computers, security experts call these infected PCs “zombies” as well.

There are a few other kinds of zombies:

A zombie PC is also called a bot – and a collection of individual bots is a botnet. The network of computers can reach enormous dimensions – sometimes thousands or even millions of zombies are combined into a network. BredoLab, one of the biggest botnets, comprises over 30 million separate devices. This network alone includes ten times as many cyber zombies as people who live in Berlin.

What do these botnets do?

The so-called botmaster is, metaphorically speaking, the puppet master pulling the strings of the PC puppets. He controls individual zombies from his computer and tells them what to do. Some are programmed to send out large volumes of spam. Other bots spy on the users and become “sniffers”. They send the data, credit card details or passwords they have captured to a target specified by the botmaster. The data is offered for sale on the Internet black market – or used directly to plunder victims’ bank accounts. A Brazilian gang managed to extract almost five million dollars from other people’s accounts in this way. But spying on data is just one way a botnet is used. Criminals use zombies for numerous different activities, for example DDoS attacks that deliberately overload servers or computers. Such bot attacks are offered as a service in relevant forums.

Distributed Denial Of Service

  • In one form of denial of service attack, a zombie is an insecure Web server on which malicious people have placed code that, when triggered at the same time as other zombie servers, will launch an overwhelming number of requests toward an attacked Web site, which will soon be unable to service legitimate requests from its users. Zombies can be used to conduct distributed denial-of-service (DDoS) attacks, a term which refers to the orchestrated flooding of target websites by large numbers of computers at once. The large number of Internet users making simultaneous requests of a website’s server is intended to result in crashing and the prevention of legitimate users from accessing the site.
  • A variant of this type of flooding is known as distributed degradation-of-service. Committed by “pulsing” zombies, distributed degradation-of-service is the moderated and periodical flooding of websites, done with the intent of slowing down rather than crashing a victim site. The effectiveness of this tactic springs from the fact that intense flooding can be quickly detected and remedied, but pulsing zombie attacks and the resulting slow-down in website access can go unnoticed for months and even years. Notable incidents of distributed denial- and degradation-of-service attacks in the past include the attack upon the SPEWS service in 2003, and the one against the Blue Frog service in 2006. In 2000, several prominent Web sites (Yahoo, eBay, etc.) were clogged to a standstill by a distributed denial of service attack mounted by ‘MafiaBoy’, a Canadian teenager. An attack on grc.com is discussed at length, and the perpetrator, a 13-year-old probably from Sardis, Mississippi, was identified on the Gibson Research Web site. Steve Gibson disassembled a ‘bot’ which was a zombie used in the attack, and traced it to its distributor. In his account of his research, he describes the operation of a ‘bot’-controlling IRC channel.
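
The contrast drawn above, that intense flooding is quickly detected while pulsing traffic slips past, can be shown as detection logic. This is an added example, not part of the original article: the request counts are constructed sample data, and the function names and thresholds (3x the median rate, an autocorrelation score of 0.5) are illustrative assumptions.

```python
import random
from statistics import median

def autocorr(series, lag):
    """Biased, mean-removed autocorrelation of the series at one lag."""
    n = len(series)
    mean = sum(series) / n
    dev = [x - mean for x in series]
    var = sum(d * d for d in dev)
    if var == 0:
        return 0.0
    return sum(dev[i] * dev[i + lag] for i in range(n - lag)) / var

def peak_alarm(series, factor=3.0):
    """Classic flood check: any interval above factor x the median rate."""
    return max(series) > factor * median(series)

def pulse_period(series, min_score=0.5):
    """Return the repeat period (in intervals) of recurring bursts, or None."""
    # Skip the short lags where a single burst correlates with itself, then
    # look for a strong peak, which only a repeating pattern produces.
    scores = {lag: autocorr(series, lag) for lag in range(1, len(series) // 2 + 1)}
    first_neg = next((lag for lag, s in scores.items() if s < 0), None)
    if first_neg is None:
        return None
    lag, score = max(((l, s) for l, s in scores.items() if l > first_neg),
                     key=lambda pair: pair[1], default=(None, 0.0))
    return lag if score >= min_score else None

# Constructed sample data: requests per 10-second interval, 240 intervals.
rng = random.Random(7)
NORMAL = [100 + rng.randint(-5, 5) for _ in range(240)]
FLOOD = [r + (2000 if 100 <= i < 120 else 0) for i, r in enumerate(NORMAL)]
PULSING = [r + (80 if i % 30 < 5 else 0) for i, r in enumerate(NORMAL)]

def classify(series):
    if peak_alarm(series):
        return "flood"
    period = pulse_period(series)
    return f"pulsing every {period} intervals" if period else "normal"

if __name__ == "__main__":
    for name, s in (("normal", NORMAL), ("flood", FLOOD), ("pulsing", PULSING)):
        print(name, "->", classify(s))
```

The pulsing series never crosses the rate threshold, so only the periodicity check exposes it.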

Pulsing zombie

A pulsing zombie is one that launches requests intermittently rather than all at once.

On the Web, a zombie is an abandoned and sadly out-of-date Web site that for some reason has been moved to another Web address. Such zombies contribute to linkrot. In the UNIX operating system world, developers sometimes use the term to refer to a program process that has died but hasn’t yet given its process table entry back to the system. The term originated in the West Indies, where a zombie is a will-less, automaton-like person who is said to have been revived from the dead and must now do the will of the living.

How can I prevent my PC from becoming a Zombie?

Almost 40% of PCs in Germany have been part of a botnet at some point. To keep this from happening to your PC, having a comprehensive security solution makes sense.

  • Virus scanner & Exploit protection: a virus scanner can find many of the malicious files that have been downloaded in drive-by attacks. The Exploit Protection as well as a phishing filter warn you of dangerous websites.
  • Specialized software: This can remove bots from your PC.

This will transform digital zombies back into regular PCs.

 
