honoluluadvertiser.com

Sponsored by:

Comment, blog & share photos

Log in | Become a member
The Honolulu Advertiser

Posted on: Tuesday, September 28, 2004

PC balking? It could be an evil zombie

 •  How to Keep online intruders from taking over your computer

By Byron Acohido and Jon Swartz
USA Today

ruders have become proficient at turning Internet-connected Windows PCs into "zombies" that send spam or steal personal information such as credit-card numbers.

Last Christmas, Betty Carty purchased a Dell desktop computer, then signed up for a Comcast high-speed Internet connection. But her new Windows XP machine crashed frequently and would only plod across the Internet.

Dell insisted — correctly — that Carty's hardware worked fine. But in June, Comcast curtailed Carty's outbound e-mail privileges after pinpointing her PC as a major spammer. An intruder had turned Carty's PC into a "zombie," spreading as many as 70,000 pieces of spam a day.

Carty, 54, a grandmother of three from New Jersey, was flabbergasted.

Since early 2003, infectious programs have been saturating the Internet, with the number of PCs hijacked in the millions. These machines mindlessly do the bidding of their masters and help commit crimes online.

Industry experts say top-tier code writers now create malicious programs mainly to amass networks of zombie PCs. They then sell access to zombie networks to spammers, blackmailers and identity thieves.

Broadcasting spam for Viagra or quickie loans is actually one of a compromised computer's more benign tasks. Bigger spoils lie in phishing, in which e-mail directs consumers to bogus Web pages to trick them into surrendering personal information.

There are many ways for malicious code to slip past firewalls and anti-virus programs. E-mail viruses rely on tricking the victim into opening an infectious attachment. Another widely used tool is direct planting of contagions, known as come-and-get-it viruses, that trick the computer user into giving up personal information used to activate other invasive programs. And scores of programs, called worms and bots, continually scour the Internet for PCs with security holes.

Until recently, little has been done to stop such attacks. "It's easier trying to catch Osama bin Laden," says Steve Jillings, CEO of e-mail security firm FrontBridge Technologies.

Zombie victim Carty has started diligently updating her security programs. Her PC now runs clean.

• • •

How to Keep online intruders from taking over your computer

• Install firewall software, especially if you have a broadband connection such as cable or DSL. Free firewalls are listed at www.free-firewall.org.

• Buy anti-virus software, such as Norton AntiVirus, McAfee Virus-Scan or ZoneLabs Security Suite, and keep the subscription current. Set it to automatically check for updates. New PCs typically come with a free trial subscription from Norton or McAfee. However, you must subscribe after the trial period expires to continue receiving updates.

• Enable Microsoft Windows Auto-Update to automatically download the latest security patches. Follow instructions to make sure patches are automatically installed.

• Use secure passwords and periodically change passwords and PINs. A strong password usually contains a combination of letters, numbers and symbols. Example: janedoe isn't as secure as j@n3d03.

• Consider switching browsers. Hackers have targeted Microsoft Internet Explorer because of its popularity and its security holes.

• Install anti-spyware software. Lavasoft's Ad-Aware (www.lavasoft.com) and Spybot Search & Destroy (www.spybot.com) check your computer for threats. These programs can remove many types of spyware.