Don't let your PC join the zombie hordes

Tips to keep your PC from becoming a zombie

May is Zombie Awareness Month. While the month is intended to honour the sort of Zombieland, Night of the Living Dead, or Michael Jackson's Thriller type zombies, it also seems like an appropriate time to address PC zombies and how to ensure that the computers on your network don't become compromised and join the zombie hordes.

What is a Zombie?

A zombie computer, also referred to as a bot, is a computer over which an unauthorised person has gained control without the owner's knowledge. The infection is typically the result of a hacker, malicious website, email or infected USB thumb drive. The zombie (or bot) sits idly by, patiently waiting to be summoned to perform some malicious task, often as part of an army of tens of thousands, or even millions, of zombie PCs called a botnet.

Attackers are able to access lists of 'zombie' PCs and activate them to help execute DoS (denial-of-service) attacks against Web sites, host phishing attack Web sites or send out thousands of spam email messages. Should anyone trace the attack back to its source, they will find an unwitting victim rather than the true attacker.

Identifying a Zombie Computer

Zombies are good at hiding in the shadows of your computer so they are not noticed. If you could easily detect that something malicious was running on your computer, you would quickly remove or disable it. Zombies often have file and process names that are similar, or even identical, to normal system file names and processes so that users won't think twice even if they do see them.

Fortinet developed The Zombie Awareness Month Computer Survival Guide to help users defend against the zombie invasion. According to the guide, "The most likely way a computer becomes infected is by landing on a malicious link. To give you an example of how links can come from anywhere, take a look at the Koobface botnet that continues to infect Facebook users. That virus was spread through video links via Facebook friend messages."

Short, cryptic messages asking users to watch a video clip, or asking "is this you in this video", and with a shortened or obfuscated link hiding the true destination URL have also plagued other sites, such as Twitter.

Even after clicking on the malicious link you may be unaware that your PC has been compromised or infected. Often, it is your friends that the zombie attempts to propagate to that bring it to your attention. The zombie infection will try to send the same message to your contacts with the same cryptic video link, but your friends may feel that the message seems suspicious, or question why you would send a video link.

The Fortinet guide explains "In either of these cases, a smart friend will ping you and ask, "Why did you send this video to me?" If you know you didn't send a video link to your friend, you can pretty much bet you've become infected or that your account is compromised."

Protecting Your Computer from Zombies

Antimalware software, if it is kept up to date with the latest signatures, will proactively protect PCs from most zombie or bot infections. However, the problem with the signature-based security model is that there is always a lag where your PCs are vulnerable to a new attack while the security vendors develop detection for the new threat.

Fortinet's guide says "While you can't kill a zombie computer by shooting it in the head, the best way to disable it and then kill it is to quarantine it (and the best way to do that is to disconnect the suspected zombie from the network). Then run a virus scan, which, if your software's up to date, should find it and rub it out."

The Zombie Awareness Month Computer Survival Guide sums up with "While real-life zombies aren't too bright or fast on their feet, zombie computers can be quite devious. Therefore, the best line of defence is to prevent infection in the first place; an initial infection can grow worse over time." That means using lines of defence such as antivirus software, firewalls, and unified threat management (UTM) to detect and block malicious threats from your network.

The very best defence, though, is common sense combined with a healthy dose of scepticism. User awareness is an IT administrator's friend. Instead of being the one who clicks on the video link to see what's so funny, or to find out whether it is, in fact, them in some video they aren't aware of, you want your users to be the friend who contacts the source of that message to let that person know that they received a suspicious message and that there is a good chance the PC is a zombie.


Image credit: by i eated a cookie, Flickr

