SHAHRUL NIZAM BIN SUKRIL JAMEL

ISK601 K4
ZOMBIE COMPUTER AND BOTNETS
World of cyber got many advantages for hackers. Internet crimes like zombies computer, and
botnets frequently get attetntion. Its not hard to figure out from the context that these are
computer or network security threats. But what exactly are they, how do they work, and what
damage do they cause?

WHAT IS ZOMBIE COMPUTER AND BOTNETS?

ZOMBIE COMPUTER IS a computer connected to the Internet that has
been compromised by a hacker, computer virus or trojan horse and can be used to perform
malicious tasks of one sort or another under remote direction.
BONNET IS a number of Internet-connected computers communicating with other similar
machines in an effort to complete repetitive tasks and objectives
Botnets of zombie computers are often used to spread e-mail spam and launch denial-of-service
attacks. Most owners of zombie computers are unaware that their system is being used in this way.
Because the owner tends to be unaware, these computers are metaphorically compared to zombies.

HOW THIS ZOMBIE COMPUTER WORKS?

ZOMBIE COMPUTER IS very much like the agent. The hacker who intends mischief or harm
-- secretly infiltrates an unsuspecting victim's computer and uses it to conduct illegal activities.
The user generally remains unaware that his computer has been taken over -- he can still use it,
though it might slow down considerably. As his computer begins to either send out massive
amounts of spam or attack Web pages, he becomes the focal point for any investigations
involving his computer's suspicious activities.
The user might find that his Internet Service Provider (ISP) has cancelled his service, or even that
he's under investigation for criminal activity. Meanwhile, the hacker shrugs off the loss of one of
his zombies because he has more. Sometimes, he has a lot more -- one investigation allegedly
discovered that a cracker's single computer controlled a network of more than 1.5 million
computers.
The list of DDoS attack victims includes some pretty major names. Microsoft suffered an attack from a
DDoS called MyDoom. Crackers have targeted other major Internet players like Amazon, CNN, Yahoo
and eBay. The DDoS names range from mildly amusing to disturbing:
-

Ping of Death - bots create huge electronic packets and sends them on to victims
Mailbomb - bots send a massive amount of e-mail, crashing e-mail servers
Smurf Attack - bots send Internet Control Message Protocol (ICMP) messages to reflectors
Teardrop - bots send pieces of an illegitimate packet; the victim system tries to recombine the
pieces into a packet and crashes as a result

SHAHRUL NIZAM BIN SUKRIL JAMEL

ISK601 K4
HACKERS MAKE MONEY FROM THEIR BOTNETS IN SEVERAL WAYS:
They may use the botnets themselves to send spam, phishing, or other scams to trick consumers
into giving up their hard earned money. They may also collect information from the bot-infected
machines and use it to steal identities, run up loan and purchase charges under the users name.
They may use their botnets to create denial-of-service (DoS) attacks that flood a legitimate
service or network with a crushing volume of traffic. The volume may severely slow down the
companys service or networks ability to respond or it may entirely overwhelm the companys
service or network and shut them down.
Revenue from DoS attacks comes through extortion (pay or have your site taken down) or
through payments by groups interested in inflicting damage to a company or network. These
groups include hackers with political agendas as well as foreign military and intelligence
organizations.
Hackers may also lease their botnets to other criminals who want to send spam, scams, phishing,
steal identities, and attack legitimate websites, and networks.

1. HACKER SEND THE VIRUSES TO ORDINARY COMPUTER

2. THE BOT INFECTED THE SERVER
3. A SPAMMER PURCHASES THE SERVICES FROM THE HACKER
4. HACKER MAKE THE SPAM.

SHAHRUL NIZAM BIN SUKRIL JAMEL

ISK601 K4
SIGNS YOUR PC MIGHT BE A ZOMBIE
1. Your computers performance is noticeably slower.
2. You receive unexplained error messages.
3. Your computer crashes frequently.
4. You discover messages in your outgoing email folder that you didnt send. A tip-off might be if
you receive bounce-back notifications from people you dont know or havent emailed.
5. It takes your computer longer to shut down and start up.
6. You discover an unexpected loss of hard disk (or flash storage) space.
7. Your Web browser frequently closes for no obvious reason.

8. Your access to computer security websites is blocked.

HOW TO PREVENT THIS ZOMBIE COMPUTER?

Opening Website and Mail
-

Always pay attetntion when open attached mail

Do not visit any suspicious website

Install a firewall to protect your home network

-

Firewalls can be part of a software package or even incorporated into some hardware like
routers or modems.
Set your computers personal firewall to its maximum-security level because this will
require applications seeking access to the Internet to notify you, enabling you to track all
incoming as well as outgoing traffic. In turn, this can help you identify repeated requests
from the same application to access just a few destinationsa telltale sign the application
is a zombie.

Password
-

Make sure that your passwords are difficult or impossible to guess

Do not use the same password for multiple applications because it gives a layer of
protection

Antivirus
-

Always update your antivirus and scan your computers hard drive to find and remove the
malware.
Keep in mind some types of malware will prevent your antivirus software from running. In
that event, download additional antivirus software and try to run each one until you find a
program that will get past the zombies self-defenses.
Zombie/bot malware frequently hides from security software scanners by installing a
rootkit. A rootkit is a stealth piece of software thats usually malicious. Installing rootkit
detection to prevent the zombie.