Sophos

12 February 2008

Teenage zombie king pleads guilty to hacking US military computers

Thousands of computers poisoned with adware

Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis centers, have welcomed the news that an American teenager has pleaded guilty to seizing control of hundreds of thousands of zombie computers and using them to display cash-generating adverts.

The male teenager, who was only identified in court documents by the initials "B.D.H" and used the online handle "SoBe", is said to have profited by installing adware on a bot network of innocent third-party compromised computers. Some of the attacked computers were based at the Weapons Division of the US Naval Air Warfare Center in China Lake, California and at the US Department of Defense.

The juvenile also admitted in the Los Angeles District Court to conspiring with infamous hacker Jeanson James Ancheta, who in May 2006 was sentenced to 57 months in jail for similar offences.

"The internet has made it possible for a person in their teens not just to get up to mischief, but to inconvenience thousands whilst making a healthy profit. Zombie botnets can generate healthy profits for hackers: installing advertising pop-ups which generates income through affiliate schemes, renting out the network for hackers who wish to blackmail websites with DDoS attacks, or using them to steal information or pump out spam campaigns," said Graham Cluley, senior technology consultant for Sophos. "Running an illegal botnet is a serious crime, and those found guilty should be punished appropriately."

"B.D.H" is scheduled to be sentenced in May 2008, but is likely to escape a sentence as severe as Ancheta's because of his age at the time of the offence.

Last month Sophos published its annual Security Threat Report, which discussed how financially-motivated cybercriminals use zombie botnets in their pursuit of money.



Zombie computers - are your PCs under someone else's control?

Zombie computers can be used by criminal hackers to launch distributed denial-of-service attacks, spread spam messages or to steal confidential information. SophosLabs estimates that more than 99 percent of all spam today originates from zombie computers.

As spammers become more aggressive, collaborating with virus writers to create armies of zombie computers, legitimate organizations with hijacked computers are being identified as a source of spam. This not only harms the organization's reputation, but can also cause the company's email to be blocked by others.

Sophos ZombieAlert™ advises service subscribers when any computer on their network is found to have sent spam to Sophos's extensive global network of spam traps, and provides rapid notification to customers if their Internet Protocol (IP) addresses are listed in public Domain Name Server Block Lists (DNSBL). This information helps customers locate, disinfect, and protect these systems from future attacks.


About Sophos

Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
