Experts at SophosLabs™, Sophos's global
network of virus, spyware and spam analysis centers, have welcomed
the news that an American teenager has pleaded guilty to seizing
control of hundreds of thousands of zombie computers, using them to
display cash-generating adverts.
The male teenager, who was only identified in court documents by
the initials "B.D.H" and used the online handle "SoBe", is said to
have profited by installing adware on a bot network of compromised
computers belonging to innocent third parties. Some of the attacked computers
were based at the Weapons Division of the US Naval Air Warfare
Center in China Lake, California and at the US Department of
Defense.
The juvenile also admitted in the Los Angeles District Court to
conspiring with infamous hacker Jeanson James Ancheta, who in May
2006 was sentenced to 57 months in jail for similar offences.
"The internet has made it possible for a person in their teens
not just to get up to mischief, but to inconvenience thousands
whilst making a healthy profit. Zombie botnets can generate healthy
profits for hackers: installing advertising pop-ups which generates
income through affiliate schemes, renting out the network for
hackers who wish to blackmail websites with DDoS attacks, or using
them to steal information or pump out spam campaigns," said
Graham Cluley,
senior technology consultant for Sophos. "Running an illegal botnet
is a serious crime, and those found guilty should be punished
appropriately."
"B.D.H" is scheduled to be sentenced in May 2008, but is likely
to escape a sentence as severe as Ancheta's because of his age at
the time of the offence.
Last month Sophos published
its annual Security Threat Report, which discussed how
financially-motivated cybercriminals use zombie botnets in their
pursuit of money.
Zombie computers - are your PCs under someone else's control?
Zombie computers can be used by criminal hackers to launch
distributed denial-of-service attacks, spread spam messages or to
steal confidential information. SophosLabs estimates that more than
99 percent of all spam today originates from zombie computers.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the organization's reputation,
but can also cause the company's email to be blocked by others.
Sophos ZombieAlert™
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
attacks.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com.