|
| Garrido exploited zombie computers to launch a
denial of service attack. |
Experts at SophosLabsâ„¢, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
the news that a hacker who stopped over a third of Spanish computer
users from using the internet has been sentenced to two years in
jail.
26-year-old Santiago Garrido used a computer worm to launch
distributed denial-of-service (DDoS) attacks after he was expelled
from the popular "Hispano" IRC chat room for not following rules.
The attacks disrupted an estimated three million users of the
Wanadoo, ONO, Lleida Net and other internet service providers,
amounting to a third of all of Spain's internet users at the time
of the offence in 2003.
Garrido, who went by the aliases "Ronnie" and "Mike25", was
sentenced at a court in La Coruña and also faces a bill of 1.3
million Euros in damages (474,500 Euros to Lleida Net, 570,716
Euros to Wanadoo, 120,000 Euros to ONO, and 218,000 Euros to
IRC-Hispanic).
"Many times hackers use DDoS techniques to try and blackmail the
website being attacked. On this occasion, it seems the hacker was
so furious about being thrown out of a chat room that he resorted
to a criminal act to wreak his revenge, and affected millions of
internet users," said Graham Cluley, senior
technology consultant for Sophos. "Hackers engaged in these kind of
activities are guilty of a serious crime, and should be punished
accordingly. The Spanish Civil Guard should be congratulated for
seeing this case through to its conclusion."
Zombie computers - are your PCs under someone else's
control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs estimates that more than
60 percent of all spam today originates from zombie computers. In
May 2005, the Sober-Q Trojan horse and Sober-N worm worked in tandem to infect
and hijack computers around the world, programming them to spew out
German nationalistic spam during an election.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlertâ„¢
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos continues to recommend that computer users ensure their
anti-virus software is up-to-date, and that companies protect
themselves with a consolidated solution
which can defend them from the threats of both spam and
viruses.
More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing security and data protection solutions that are simple to manage, deploy and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, and network access control solutions backed by SophosLabs - a global network of threat intelligence centers. With more than two decades of experience, Sophos is regarded as a leader in security and data protection by top analyst firms and has received many industry awards.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.