Zombies continue to chase Windows PCs

Malicious remote control software continues to be one of the biggest threats to Windows PCs, according to a new Microsoft security report.

More than 43,000 new variants of such insidious software were found in the first half of 2006, making them the most active category of malicious software, Microsoft said in a Security Intelligence Report published Monday. In June Microsoft also flagged zombies as the most prevalent threat to Windows PCs.

"Attackers, with financial gain in mind, are clearly concentrating a significant amount of development focus on this category of malware," Microsoft said in the report.

Of 4 million Windows PCs found to be infected with some kind of malicious software in the first half of this year, about 2 million were running malicious remote control software, Microsoft said. The data is collected by Microsoft's free Windows Malicious Software Removal Tool, which runs when security updates are installed on Windows PCs.

While the number is high, it is actually a decrease from the second half of 2005, when Microsoft found that 68 percent of infected PCs contained a backdoor Trojan. Meanwhile, hackers are trying harder to make their networks of hijacked computers go unnoticed by moving to new Web-based techniques.

A computer compromised by such a Trojan horse, popularly referred to as a zombie PC, can be used by miscreants in a network of bots, or "botnet," to relay spam and launch cyberattacks. Additionally, hackers often steal the victim's data and install spyware and adware on PCs, to earn a kickback from the spyware or adware maker.

Rootkits, which make system changes to hide another piece of possibly malicious software, remain an uncommon threat. There has been a 50 percent reduction in this kind of attack against computers running Windows during the past six months, Microsoft said.

Microsoft introduced the Windows Malicious Software Removal Tool in January last year. An updated version of the program ships monthly with Microsoft's security updates. The tool aims to identify and remove prevalent malicious software from PCs.

[W2Kuser]

Huge national security threat

It's amazing that Microsoft is allowed to block criticial security updates to "unauthorized" PCs. This represents the single greatest threat to our national security.

And the problem is much worse than reported, because Microsoft's stats only count "authorized" PCs being updated. There are literally millions of PCs out there which are not fully patched, and comprise a hidden army an order of magnitude larger than Microsoft is reporting...

[Kalama]

Additional thoughts

Please see / read article in the new edition of "Wired" magazine ...
add content of story regarding bots to the above comments ...
throw in a bit of Oil money ... And, Yep! A HUGE national security
threat.

[Walt Connery]

????

What on earth would ever cause you to think the people running bootleg, unpaid-for copies of an OS might ever be particularly worried as to whether or not it was patched?

IMO, software is not a threat to national security. If anyone is actually such a threat, it's the hacker, imo.

[kamwmail-cnet1]

Easy Solution: Send Out Old Fashion KILL VIRUSES.

These dumb arse zombies will install the kill viruses like they install all other viruses. Only the kill viruses will kill their machines. Taking it out of the Internet Genome.

Now if only we can kill the idiots themselves. Preferrably before they spawned and infest the HUMAN Genome further.

[thenet411]

Actually, I agree with this

As bad as it may sound, it needs to be done. If people are not going to secure their computers (come on people, some antivirus/antispyware software is free, you have NO excuse) then they deserve to have their machines shut down.

I'm not talking data loss, I am just talking about a complete wipe of the OS. Let them take the computer to a professional, have the data recovered and when they get the huge bill, maybe they will learn something. I believe it will take something like this before these amateur users wake up.

People are not allowed to drive cars without insurance. Why are computers different? The careless actions of the idiots out there are causing problems for everyone else.

[lenn5]

5 years and not 1 virus or spyware using a Mac :)

Can't understand why anyone would want to use an OS that is so
vunerable to viruses, maleware and spyware???????

[imacpwr]

Easy solution, switch to a different OS..!!

Linux, Unix, Mac..
If you want (more) security from your OS then switch, doesn't
matter which one as long as it's not Microsoft Windows.

[jaspal.m]

Give better solution!!!

atleast microsoft do report,and cure them too....will linux do tht...

[jaspal.m]

Give better solution!!!

atleast microsoft do report,and cure them too....will linux do tht...

[jaspal.m]

Give better solution!!!

atleast microsoft do report,and cure them too....will linux do tht...

[markdoiron]

Really?

"...switch to a different OS"

If switching OSs was such an easy solution, then why is that it's not being done? Because on the large scale that reflects the market penetration of PCs and MS OSs it isn't an easy solution. And it's not a cheap solution, either.

And before anyone points out that some of the softare is free: Don't be foolish. TANSTAAFL. It costs real money to switch software, even if the software itself is free.

mark d.

[rcrusoe]

Don't worry, Vista will fix the problem.

After all, it was built from the "ground up" to be more secure.

Just because Vista has been included in many of the recent critical
updates for XP doesn't mean that it shares many of XP's security
problems, does it?

Oh. Nevermind.

[Walt Connery]

????

Please explain your statement. Defender isn't a "security problem solver," if you didn't know. It's a *malware* detection database. If you don't understand the difference between malware (spyware, adware, etc.) and things like "security holes" and a virus, I'm afraid you need to do some personal research...;)

Also, apparently you haven't read how much Symantec and McAffee regard Vista's native security ROOB. It seems as if Vista's security is much too good to suit them as it has caused them to wonder if they are relevant anymore--to the degree that they are now complaining about it to the EUC and anybody else strange and dumb enough to listen such complaints...;) The fact that Symantec and McAffee are howling to the heavens about the level of standard security inside Vista makes me feel very good about Vista's security prospects in comparison with XP.

[slim-1]

Your post is a satire I hope

Has to be.

[baswwe]

Is this why there is ALWAYS a fresh supply of hacked passwords?

The passwords sites have new passwords daily to all the good sites. It is unbelievable!

[thedreaming]

Easiest Solution

The problem with worms, viruses and spyware is that their delivery system is a tool that most people can't do without: The Internet. Remove that and all those threats will have no easy and direct way to reach you.

[Macsaresafer]

Not a threat to my system.

If your computer is threatened by the internet, by all means,
disconnect it. My computer is just fine, but of course, my computer
doesn't do Windows. It could, but I know better.

[gernblan]

Perhaps so, in the windows world, but...

....running an operating system that doesn't support this kind of behavior "out of the box" also helps protect you.

OSX is good.
Linux is better.
Even Solaris 10 is looking pretty interesting. I have downloaded that one but have yet to install it. I plan to soon, in order to play with it.

[jltnol]

How Much Spam Comes From..

With up to 80% of all e-mail spam, I'm wondering how much is
being sent out by zombie computers.. and how much is being sent
out by legit spammers? <legit spammers.. that's funny>

[gernblan]

Why wouldn't they?

Since Microsoft plans to not let people get updates that upgrade their computer or due to MS's own bugs, fail WGA. Of course that means more security holes to exploit--more opportunity to turn machines into zombies.

Open source software doesn't have this problem. I wonder why? Could it be because the code is open and thus gets fixed?

Security through obscurity doesn't work. The numbers don't lie.

And thanks to Vista, it's only going to get worse, as even antivirus companies are locked out from doing anything about it.

[wbenton]

If they can be zombied

If they can be zombied, that means that they are hackable.

As such, we should use the skills of already caught and imprisoned hackers to hack into and take down those zombied PC's as a way to possibly reduce their sentences.

Offer them a 60 second reduction of their sentence for every zombied PC they took down. If they took down the entire 2 Million army of zombies they could reduce their sentence by 3.8 years.

Problem resolved quickly.

Walt