According to a story in BBC News, hackers have hijacked over 1 million computers worldwide in order to conducts Denial of Service (DoS) attacks, Spamming, Google AdSense abuse and identity theft. According to BBC News, “The huge number was revealed by security researchers who have spent months tracking more than 100 networks of remotely-controlled machines. The largest network of so-called zombie networks spied on by the team was made up of 50,000 hijacked home computers.”
Are you still feeling safe? The German Honeynet Project gathered, recorded, analyzed and publicized this information in hopes of making people aware that their home computers may be infected with these “zombie bots” without them knowing it. The home PC’s that are especially targeted are broadband home PC’s that are always turned on.
Without knowing it your home PC can help launch a DoS attack against another online business and take them down in seconds. This is most often done in order to wipe out one’s competition on the Internet. Sending out Spam to millions of other PC’s or manipulating Google AdSense results are other areas that hackers target with exploited PC’s. A newer area of exploitation by hackers is identity theft, where they will use a zombie PC to spoof an online bank like Washington Mutual or business such as Ebay or Paypal in order to get your credit card information or other personal information.
Most of the hijacked PC’s are running Windows XP (Service Pack 1) followed closely by systems with Windows 2000. The ports most often exploited are 445/TCP, 139/TCP, 137/UDP and 135/TCP. What is most remarkable, though, is that an unprotected PC needs only be connected to the Internet from a few seconds or a couple of minutes in order for the automated bot to find it and infect it. So, if you’re setting up a new PC, install your firewall and anti-virus software first, before going online for the first time.
In fact, in order to protect your home PC from these bots firewall, anti-virus and spyware software is essential in order to insure a clean machine. Even though you have taken all of these measures, though, this may not be enough to protect your PC. For instance, my last PC had all of these protective devices in place and still much activity would take place on the computer after it had been idle for some time. I couldn’t get to the bottom of all this activity that was keeping my hard drive busy and my screen saver from resting for an extended period. A new PC so far has help to solve this dilemma.
So, the next time you get one of those annoying pop-ups that say, “Is your computer infected by a virus” get rid of that pop-up, check your firewall and run your anti-virus and anti-spyware software just to make sure. Monitor your computer’s activity during idle time. If your PC tends to be very active at times when next to no activity should be present then you may wish to take additional steps such as turning off your PC frequently or taking the Shields Up test. It couldn’t hurt, could it?