electrons's Blog

An outbreak of computer attacks is underway, different from traditional viruses. 

It is hard to cover all of the details here but I’ll try and be basic and informative.

 

There is a growing trend of PC computers in the US that have become infected and commanded to become part of a very complex and secret network called a BotNet.  Everyday users like you and me are falling into these networks and 99% of users have no idea what is going on under the hood of your PC.  So what is a BotNet?  I’ll explain how it works.

 

A hacker manages to infect your computer through an email or even just by visiting a web site.  Web sites can run “scripts” which are tiny programs once you visit the site.  From there, a tiny program hides silent and undetected.  Eventually, it silently uses your internet connection to say “I’m here” by sending a command back to the hacker to let him know that he has added another PC (yours).  At this point the hacker sends a program back to your computer called a “payload” through the internet.  This payload contains instructions, which takes over your computer and to use it to send emails.  You are now part of a BotNet.  Under your nose, without you even knowing, your PC is sending out SPAM emails to millions of people.  It can also log key strokes and send them back to the attacker for him to strip out credit card information, passwords or anything he wants.  Basically, once part of the network, your computer says, “I’m here to accept new commands.”(in computer language of course).  Your computer also launches out internet commands to find new hosts to add to the network.  It is a chain of webs and keeps spreading.  Ever wonder why SPAM emails are on the rise?  Now you know why.  Millions of PC’s are secretly sending billions of SPAM emails right under the nose of the user.  That SPAM you get in your mailbox probably came from an infected PC.  Ever wonder if your PC is one of them?  Good luck finding out.  These guys are good and run virtually undetected.  They also run crime rings on these networks.  Think about the power they have with the vast number of computers under their control.  Last summer I fixed a computer for a woman who had a virus.  I found the computer was acting like a SPAM server cranking out spam emails.  The only way I could clean it was to wipe the hard drive and start from scratch.  Removal is extremely difficult and most of the times impossible as I found myself.  Antivirus found nothing!

 

BotNets have become a big underground business.  Many computer security analysts have no answers.  Symantec estimated that 5.7 million PC’s are part of a BotNet network!  This number keeps growing daily.  57,000 active Bots were observed per day during the first 6 months of 2006, according to the security firm Symantec.  Also, antivirus programs DO NOT detect BotNets.  I told you these guys were good!

 

It is not the scope to educate on how they work and what they can do.  Rather I’d like to get the word out to educate on what is going on right now.  Google for “BotNet” and you can read tons of more stuff.

 

So…with that said, how can you tell if you are part of one?  I can think of 2 obvious ways.

 

1 -  If your PC got sluggish and slowed down, perhaps it is possible you may be part of one.

2 -  Monitor your internet light on your modem when you are not using your computer and it is turned on.  If there is internet activity that persists, good chance you are infected.

 

In closing…you will be hearing more about this topic in the news.  It has become out of control and spreading like fire.  Some analysts say it is too late.  Tracking them back is virtually impossible.  It is the goal of the attacker to be as silent as possible so he goes unnoticed. 

 

The best thing to do is to avoid becoming one.  I know that sounds lame, but it is true.

Use FireFox rather than Microsoft Internet Explorer.  FireFox is free and less prone to attacks.  Keep your antivirus programs updated, they do help against virus triggered Bot’s.  Use common sense on the web and be careful everyone.