Thursday, November 1, 2007

Viruses, Hoaxes and Zombies... Oh! My!

There has been an ever-growing quantity of Spam on the Internet these days and we all notice it. From erectile dysfunction ads to hair loss ads to gibberish emails that make no sense whatsoever, it is just out of control. The big question... Why?

Why is Spam so out of control?
The problems with Spam can be isolated down to 3 major problems:
1. Specific individuals (or groups of individuals) with a desire to bring the Internet to a halt.
2. Home and Business users with insufficient virus protection (I'll explain in a minute)
3. Zombies

What is the point of the gibberish emails?
Many of the junk emails (Spam) that users get these days are basically gibberish, or a collection of words that mean nothing at all. This is because these emails are not there to inform you of anything. They are there simply to get through your Spam filters and fill up your email box.

Who 'dun it?
Although computers are sophisticated, let's face it, only a human can set the ball in motion when it comes to setting up a program. So, let's address the first topic: Who is doing the Spamming?

There are those out there who, for several reasons, have a desire to bring the Internet (and businesses connected to the Internet) to a halt. These are people who have a complete aversion to technology (a bit of irony here, as they use technology to cause the attacks); people who feel that our technological / informational society is out of control; and those who simply like the power kick of causing disruption to others. These are the primary culprits when it comes to Spam transmissions.

How they do their 'dirty work' is where things get really interesting and that takes us to our next two topics.

Home and Business users with insufficient virus protection
The average home user has some form of virus protection normally given to them freely by their ISP or a trial that they downloaded from a company such as McAfee or Symantec or Trend Micro. The major problem is almost all (decent quality) antivirus programs out there require a subscription (at least for home users) to maintain their antivirus definitions.

Many home users either simply forget to renew their subscriptions or just can't afford to keep them up to date, and so their virus definitions fall out of date, making them more susceptible to an attack. Given their vulnerable state, all the user has to do is inadvertently access a malicious website and voila! They have downloaded a virus and been compromised. Now, these viruses are much more complicated than your typical "I'll destroy your data" virus.

These viruses are designed to load one or more special pieces of software on your computer called server engines. These server engines are actual email transmission servers that operate in the background of the computer where you cannot see them. The only thing that may give an indication that you have been taken over is a very slow computer or many pop-ups.

This brings us to the next topic: Zombies

What is a Zombie?
A Zombie is a computer attached to the Internet that has been compromised by a security cracker/hacker, a computer virus, or a trojan horse. Generally, a compromised machine is only one of many in a "botnet", and will be used to perform malicious tasks of one sort or another under remote direction (such as using your computer as an email server to send Spam email).

What does this mean exactly?
It means that the virus the user inadvertently downloaded installed a piece of software that contacted a main computer somewhere on the Internet. That main computer then told the user's computer that it will be responsible for a specific malicious task. For example, the master computer tells the computer to transmit 1,000 emails to a given set of addresses. The user's computer then acknowledges the command and begins transmitting. Keep in mind, these addresses are NOT from the address book of the user's computer; they are a set of addresses predefined by the Spam Master Host (or sometimes a defined parameter such as 500 different names for domain xyz.com).

Now, it's one thing to have a single computer sending out 1,000 Spam emails, but these masters typically communicate with thousands of home computers. So, for example, take 1,000 "zombied" computers all talking to a master computer: that master computer tells its "botnet" to each transmit 1,000 emails, and suddenly the Internet is flooded with 1 million false emails going into people's email accounts.
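
A zombie running its own mail engine tends to stand out on the network: an ordinary desktop hands its mail to one mail server, while a zombie opens connections straight to many different mail servers on TCP port 25. The following is an added example, not part of the original post, that flags such machines from firewall logs; the log format, the addresses and the function name find_suspected_zombies are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample lines in a hypothetical firewall log format:
# "<time> ALLOW TCP <src_ip>:<src_port> -> <dst_ip>:<dst_port>"
SAMPLE_LOG = """\
10:00:01 ALLOW TCP 192.168.1.20:50111 -> 203.0.113.5:25
10:00:01 ALLOW TCP 192.168.1.20:50112 -> 198.51.100.7:25
10:00:02 ALLOW TCP 192.168.1.20:50113 -> 203.0.113.99:25
10:00:02 ALLOW TCP 192.168.1.20:50114 -> 198.51.100.44:25
10:00:03 ALLOW TCP 192.168.1.31:50200 -> 203.0.113.80:443
10:00:04 ALLOW TCP 192.168.1.10:40000 -> 203.0.113.5:25
10:00:05 ALLOW TCP 192.168.1.10:40001 -> 198.51.100.7:25
10:00:05 ALLOW TCP 192.168.1.10:40002 -> 203.0.113.99:25
10:00:06 ALLOW TCP 192.168.1.31:50201 -> 192.0.2.25:25
malformed line that the parser must skip
"""

LINE_RE = re.compile(
    r"^\S+ ALLOW TCP (\d+\.\d+\.\d+\.\d+):\d+ -> (\d+\.\d+\.\d+\.\d+):(\d+)$"
)
SMTP_PORT = 25  # server-to-server mail delivery


def find_suspected_zombies(log_text, mail_servers, min_destinations=3):
    """Return {source_ip: distinct SMTP destination count} for hosts that are
    not approved mail servers yet connect directly to many mail servers."""
    destinations = defaultdict(set)
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if not match:
            continue  # ignore lines that do not fit the assumed format
        src, dst, port = match.group(1), match.group(2), int(match.group(3))
        if port != SMTP_PORT or src in mail_servers:
            continue  # not mail traffic, or a host that is allowed to send mail
        destinations[src].add(dst)
    return {
        src: len(dsts)
        for src, dsts in destinations.items()
        if len(dsts) >= min_destinations
    }


if __name__ == "__main__":
    # 192.168.1.10 is the (assumed) legitimate mail server on this network.
    for host, count in find_suspected_zombies(SAMPLE_LOG, {"192.168.1.10"}).items():
        print(f"{host}: direct SMTP to {count} distinct servers")
```

Counting distinct destinations rather than raw connections keeps a desktop that sends a lot of mail through a single relay from being flagged.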

Keep in mind these example numbers are all very small compared to the reality of what's going on. According to PC Magazine (August 2007), there are on average 800 thousand Spam emails in transmission every second of the day. That amounts to 69.1 billion Spam emails flying around the Internet per day!

What can the average user do about it?
Two things:
1. Use a high quality antivirus program such as Symantec, McAfee or Trend Micro
2. Keep your antivirus definitions UP TO DATE!

It may cost you a little money, but you know the old saying: "An ounce of prevention is worth a pound of cure." Spend a little money now and save yourself hundreds (if not thousands) of dollars in headaches later. It also never hurts to have a computer professional check out your computer just to ensure that everything is running fine and to make sure you have no unknown threats floating about. Have them run SpyBot (a good free spyware removal program) and a good antivirus to check for problems.
