Is Your PC a Zombie Crime Bot?

Is your PC a zombie bot working for cyber crooks? According to e-security firm Finjan, computers at the BBC and offices of the US and UK governments are part of a compromised global network of almost 2 million computers under control by cyber criminals.

Recently, the Conficker (aka DownAdUp worm) again hit the headlines as its April 1 payload was meant to deploy and cause havoc across the internet. Aside from a couple of hundred compromised PCs being activated there was little observable effect and many network administrators and users breathed a sigh of relief. However, the potential for cybercrime, whether straightforward email scams, phishing, or distributed denial of service (dDOS) attacks is ever present.

Finjan’s recent pronouncements on the state of international security represents yet another problem individuals and sysops must face head on if their computers are not to be compromised. According to Finjan Chief Technology Officer Yuval Ben-Itzhak, the criminals operating the botnet could make almost $70million a year renting out the zombies to spammers and scammers, reports CNet. The BBC itself claims just one of its PCs is infected and London’s Metropolitan Police are apparently on the case

So, are you infected, is your PC a Zombie Crime Bot? Well, the Trojan horse program implemented by the botnet is detected by only 4 out of 39 antivirus products, so you could very well be. Apparently, this new botnet was first created in February, is growing fast, and originated in Ukraine, however.

Any trojan, virus, or other malware that makes your computer into a zombie might cause your computer to slow down, popup odd messages (particularly ones offering help!), or make your PC work in an unexpected manner. If you have been compromised your ISP may block the email sending port on your connection, port 25 or even blacklist your ISP address so that you cannot connect at all.

Zombie making malware usually does not disable your computer, that would be pointless as the PC needs to be active in order to become part of the zombie botnet so desirable to spammers and hackers.

It’s worth ensuring your firewall is up to date, your antivirus software is running and regularly updated, and if you have a router that you have set an individual username and password for it and that its inbuilt hardware firewall is active. Chris Pirillo has some advice on how to spot a zombie, take a look at his netstat command recommendation in particular.

To be honest, Finjan is not one of the commonly cited security companies and it was through the BBC Radio4 Today program this morning that I first heard of them. It’s impossible to ascertain whether this threat will lead to serious problems. It’s just one of many security scares and they are always a great way for security companies to raise their public profile, aren’t they?

Related articles by Zemanta

• Why Conficker’s media hysteria was a good thing
• Reasons why it’s getting harder to detect botnets