Attack of the Zombies and the Shadowserver Foundation

OK, this sounds like a 70’s horror movie, but it is actually one of the greatest threats currently to online security. It is estimated that there are now about 300,000 zombie computers operating. These are computers that have been taken over by hackers and are being used to send spam, or infect other machines with adware, malware and other nasty viruses.

Fortunately a group have decided to battle on behalf of the rest of the world, to tackle and destroy the hacker-zombies criminals. This group is called the Shadowserver Foundation

The number of infected machines has doubled in the last year, and this is the result of hackers becoming more organised, and forming networks of machines to act as super servers, which are referred to as botnets. These networks are used to steal personal identities, attack websites, and sell pilfered e-mail addresses to professional spammers. Yes, when you receive those annoying, trashy emails, it is often because someone has stolen your personal information, and then sold it on to internet vermin.

Internet crime is becoming a serious problem, with costs to consumers and businesses in the USA rising to $239 million in 2007, up 20 percent from the year before. Similar patterns are seen in the UK and other countries. Botnets are growing in popularity and sophistication as tools for hackers, and Shadowserver’s research helps law enforcement and security companies such as McAfee Inc. identify emerging threats.

Established in 2004, The Shadowserver Foundation gathers intelligence on the darker side of the internet. We are comprised of volunteer security professionals from around the world. Our mission is to understand and help put a stop to high stakes cyber crime in the information age.

In the weeks leading up to Georgia’s military conflict with Russia in August, Shadowserver was among the first to report that hackers attacked Georgian President Mikheil Saakashvili’s Web site, taking it down for 24
hours. The hackers used a botnet to swamp the site with requests.

“Botnets pose a significant risk because they’re the Swiss Army knife of malicious code,” – Nicholas Ianelli, an analyst at the CERT Coordination Center, which studies Internet security as part of Carnegie Mellon University’s Software Engineering Institute. “They can do so many things with one compromised host.”

Last year the FBI carried out an investigation of botnets, named Operation Bot Roast, which found over a million infected computers and more than $20 million in economic losses from
crimes related to botnets.

Shadowserver’s members spend anywhere from 5 to 40 hours a week tracking Internet-security threats. DiMino, a native of New York who now lives in New Jersey, said Shadowserver’s members are not vigilantes and don’t “hack the hackers,” as some other volunteers do, they report their findings to internet and computer security companies, to help to make home computers more secure.

“It gets us pretty jazzed when we can see that things we’ve worked on have had a tangible result in Internet safety. That’s really a key motivator for all of us.”

In February, the group said it uncovered an attack on 32 gambling sites, including one run by PartyGaming Plc, the owner of the website.

Learn more about the The Shadowserver Foundation.

Leave a Reply

Your email address will not be published. Required fields are marked *