What’s a Zombie computer and how does it work?


As scary as it sounds, your computer can be zombified and made to obey the commands of a total stranger without you even realizing it. Before assuming it cannot happen to you, bear in mind that millions of computers globally belong to the zombie network, otherwise known as the botnet.

A combination of the words “robot” and “network”, this term describes the zombie army: the group of computers that have been taken over by a malicious third party without their owners detecting the anomalous behavior. The intruder, or “botmaster”, can be an individual, a group of people or a corporation. The hackers secretly infiltrate an unsuspecting victim’s computer by introducing malware and use it to conduct illegal activities.

The largest known botnet belonged to a six-person gang operating out of Ukraine. Using JavaScript code executed within a browser to install malware that they would activate on command, the cybercriminals managed to infect 1.9 million computers around the world. They were uncovered in 2009 after they tried to rent out portions of their botnet.

What do criminals actually do?

Botnets are one of the biggest illegal sources of income in the cyber world. The father of the Internet, Vinton Cerf, declared at the World Economic Forum in Davos in 2007 that a quarter of all machines connected to the Internet are part of botnets. Botnets are therefore not only a concern for individuals whose computers may be hijacked; they are equally a problem on the scale of the worldwide macro-economy. Once a computer is zombified, the hacker controls it completely. They can conduct countless activities, such as turning on your microphone and camera to watch and listen to you, distributing pornographic material or carrying out various other undesirable actions, leaving no traces on your computer.

Zombie computers can also disseminate e-mail spam, and that’s what they usually do. It is estimated that more than half of the commercial spam sent worldwide comes from zombie computers. The botmasters avoid detection and possibly costs, as the owners of the zombies pay for the bandwidth themselves.

Another malicious activity is the so-called distributed denial-of-service (DDoS) attack. It occurs when a large number of Internet users make simultaneous requests to a website’s server so as to prevent legitimate users from accessing the website. The zombies send an overwhelming amount of useless information to the site’s routers, which are unable to process it, and so the system fails. Botmasters favor the DDoS type of attack to threaten website owners with continual DDoS and extort money from website administrators. It is a great fear for the latter, as the cybercriminals do manage to shut down websites with this method. Governmental or military websites are their most common victims in such cases.

A similar type of massive attack is the so-called “distributed degradation-of-service”, which results in a deliberate and moderate slowdown of the victim site instead of shutting it down as above. The difficulty lies in the fact that attacks that only cause a slowdown can sometimes stay unnoticed for months or even years.
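The following added example (not part of the original article) shows why such a slowdown escapes an availability alert and how comparing against a baseline exposes it. The function names, thresholds and sample response times are assumptions constructed for illustration.

```python
from statistics import median

def daily_medians(samples_by_day):
    """Median response time (ms) per day; the median ignores one-off spikes."""
    return [median(day) for day in samples_by_day]

def outage_alert_days(medians, outage_ms=5000):
    """Classic availability alert: fires only when the site is effectively down."""
    return [i for i, m in enumerate(medians) if m >= outage_ms]

def sustained_slowdown(medians, baseline_days=7, ratio=1.5, min_run=5):
    """Return (start_day, baseline_ms) for the first run of `min_run`
    consecutive days whose median is at least `ratio` times the baseline
    median, or None when no such run exists."""
    baseline = median(medians[:baseline_days])
    run_start, run_len = None, 0
    for i in range(baseline_days, len(medians)):
        if medians[i] >= ratio * baseline:
            if run_len == 0:
                run_start = i
            run_len += 1
            if run_len >= min_run:
                return run_start, baseline
        else:
            run_len = 0  # a normal day breaks the run
    return None

# Constructed sample: five response-time measurements (ms) per day.
SAMPLE = (
    [[190, 200, 210, 205, 195]] * 7      # days 0-6: normal week (baseline)
    + [[200, 900, 210, 190, 205]]        # day 7: a single spike, median unchanged
    + [[330, 350, 340, 360, 345]] * 10   # days 8-17: moderate, sustained slowdown
)

if __name__ == "__main__":
    meds = daily_medians(SAMPLE)
    print("outage alerts:", outage_alert_days(meds))        # never fires
    print("sustained slowdown:", sustained_slowdown(meds))  # (start day, baseline ms)
```

The site never comes close to the outage threshold, so only the baseline comparison reports the degradation that begins on day 8.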

Another scary activity is the extraction of identity information from unaware individuals. The botmasters collect the owners’ personal data from the hacked computers. Fraud, identity theft and other cybercrimes are then committed using credentials stolen from hijacked computers, such as bank account and credit card numbers, usernames and passwords.

Is my computer a Zombie?

First of all, most of the time hackers don’t have anything personal against the owners of the machines they choose to hijack. Infection takes place through malware links and virus-laden emails. Therefore, don’t panic or think someone is out to get you. What the botmasters want when they infect a computer is to preserve their anonymity. They use the victim’s computer as a launch platform to hide their own identity.

Although none of them is conclusive proof, here are some symptoms that can help you detect whether your computer has been exposed to zombie-making malware: you experience a slowdown in your computer’s performance, you receive unexplained error messages, or your computer crashes frequently and stops responding to your commands. Other signs that should worry you are the discovery of messages in your outbound email folder that you didn’t send, the fact that your web browser often closes for no obvious reason, or that your computer has no access to security websites.

Resurrection and Precaution

Inadequate security measures make it easier for cybercriminals to target a computer. Conversely, caution and good judgment while you are online can keep your computer away from the cybercriminals.

If you have determined that your computer already belongs to a botnet, reinforcing your malware protection can help you remove the infection. The best course of action is to update your antivirus and/or anti-spyware software and scan your computer’s hard drive to find and remove the dangerous malware.

The next step is to set your computer’s personal firewall to its maximum security level. To be completely zombie-free, you should wipe the hard drive or flash drive and reinstall the operating system and applications. Make sure your important files are backed up first, of course. Once you’ve restored your computer’s storage drive, applications, and documents, run your security software again just to ensure nothing is amiss.

The future of the Zombies

Experts are rather worried about this phenomenon, which is spreading like a “pandemic”. They sadly note that innovation is being led by the criminals and not the defenders. At the BotConf Conference 2015, held in Paris, the scientists declared that there are quasi-invincible botnets that have been functioning for as long as ten years in a row. The botmasters manage to constantly improve their networks to escape surveillance.

The future is predicted to be hard for Internet users worldwide, as hijackers can easily take over smartphones, which work on the same principles and can yield results similar to those of a computer botnet. In July 2009 the first botnet-capable SMS worm was detected, targeting Nokia smartphones. Later that month, some worms were detected on iPhones along with a spyware program on BlackBerry.

Recently, the botmasters have shown their interest in smart houses and IT technology.

About Iliana KOUTOULAKOU

Master’s (M2) student in Digital Economy Law. Passionate about the issues surrounding the processing and protection of personal data. Takes a real interest in connected objects and Big Data.
