- The rate at which personal computers are being hijacked
by hackers rocketed in the first half of 2004, reveals a new report. An
average of 30,000 computers per day were turned into enslaved "zombies",
compared with just 2000 per day in 2003.
- US computer security company Symantec says efforts to
build so-called "botnets" - networks of zombies used to launch
attacks on corporate websites or as anonymous relays for sending out spam
- from hacked computers have intensified dramatically in recent months.
The company's latest biannual report shows that recruitment of "zombie"
machines peaked at 75,000 computers per day.
- Jeremy Ward, service development manager at Symantec,
says virus writers can make good money by selling botnets to online extortionists
- "What we're seeing now is malware, or malicious
software, that is truly professional," Ward told New Scientist. "You
have the ability to set up botnets for a number of money-making schemes."
- Turf war
- The Symantec report is based on information gathered
from 20,000 network sensors based in 180 countries around the world. They
also collected information from anti-virus software installed on desktop
machines and corporate networks.
- The study shows that overall virus activity increased
between January and June 2004. In all, 4496 Windows computer viruses were
released during this time - a fourfold increase on the same period the
- Enlistment of zombie machines reached an all-time high
during a turf war between two virus-writing groups in the first few months
of 2004. Those behind the worms MyDoom and Bagle fought against the creator
of the Netsky virus for ownership of the infected computers.
- During this feud, a version of Netsky was released which
was designed to deactivate the Bagle and MyDoom viruses within infected
- Draining resources
- Richard Archdeacon, director of technical services at
Symantec, adds that virus writers have developed new programming tricks
to thwart current anti-virus scanning technology.
- Anti-virus scanners examine the contents of files for
pieces of data that match those of a known threat. Many viruses, for example,
insert themselves at the beginning or end of code for a legitimate programme.
Subscribe to New Scientist for more news and features
- But recent strains of virus have made scanning more difficult.
A virus called Impanate, for example, buries portions of its code in an
unexpected region of a software file.
- Another virus, known as Gastropod, rewrites its own code
entirely between replications to complicate detection. Spotting these viruses
requires considerably more computing power, draining system resources.
- "These advanced infection mechanisms may render
many traditional antivirus scanning techniques ineffective," Archdeacon
- But law enforcers have also made progress. On 9 September,
an 18-year-old German programmer was charged with creating Netsky and another