A computer security company has examined the proliferation of illicit
programs installed on unsuspecting machines, painting a vivid picture
of the international scope of cybercrime.
A zombie computer is one with a hidden software program that allows
the computer to be remotely controlled by others. Uses include launching
distributed denial-of-service attacks or sending spam without revealing
the identity of the culprit. These “backdoors” are often
installed with spammed “Trojan horses” or e-mail worms.
In May, researchers with CipherTrust, Inc. found an average of
172,009 new zombies identified each day. Approximately 20 percent
of the new zombies originated in the United States and 15 percent
originated in China.
An earlier study conducted during late March and early April found
that approximately 20 percent of the 157,000 new zombies originated
in China. The origin of the zombie machines may change on a daily
basis, because machines can be infected anywhere in the world.
CipherTrust tracked the emergence of zombie computers by synthesizing
data from reports of nearly 10 million customers. Its software tracks
the number of new, completely unique zombies every hour.
During the first three weeks of May, approximately 26 percent of
new zombies originated daily from in the European Union: six percent
from Germany, five percent from France and three percent the United
Kingdom.
The only way to thwart the zombies is to understand how these networks
operate, said Paul Judge, chief technology officer with CipherTrust.
“By monitoring global messaging activity and identifying
behavioral patterns, we can continue to provide predictive protection
against threats before they emerge,” Judge said.