Botnet computers under the remote control of a hacker can be used
for identity theft.
Experts at IT security and control firm Sophos have welcomed
news that a man faces a stiff sentence, after admitting he
controlled an army of 250,000 compromised PCs in order to harvest
PayPal usernames and passwords and other personal information.
John Schiefer, a 26-year-old computer security consultant for 3G
Communications, faces up to 60 years in a federal jail and a fine
of $1.75 million, after collecting - with other gang members - a
botnet comprising a quarter of a million computers, sometimes
controlling them from work.
Los Angeles-based Schiefer, who used the names "Acid" and
"Acidstorm" online, faces charges of developing and distributing
malware to poorly-defended computers, and then using them for the
purposes of identity theft. Having stolen PayPal usernames and
passwords, Schiefer and other gang members made purchases from
unwitting victims' accounts.
Under terms of a plea agreement filed by Schiefer on 9 November,
he will plead guilty to four felony counts: accessing protected
computers to conduct fraud, disclosing illegally intercepted
electronic communications, wire fraud and bank fraud.
"Everyone who has a computer runs the risk of it becoming part
of a cybercriminal botnet. Only by properly securing PCs with
up-to-date anti-virus, firewalls, security patches and a good
serving of common sense, can consumers defend themselves from
having their Windows computers silently taken over by hackers for
their own ends," said Graham Cluley, senior
technology consultant for Sophos. "The authorities should be
applauded for investigating crimes like this and bringing criminals
to justice, but there are plenty of other hackers engaged in these
activities who are still managing to escape the clutches of the
Zombie computers - are your PCs under someone else's
Botnet computers, also known as zombies, can be used by criminal
hackers to launch distributed denial-of-service attacks, spread
spam messages or to steal confidential information.
As spammers become more aggressive, collaborating with virus
writers to create armies of zombie computers, legitimate
organizations with hijacked computers are being identified as a
source of spam. This not only harms the company's reputation, but
can also cause the business's email to be blocked by others.
advises service subscribers when any computer on their network is
found to have sent spam to Sophos's extensive global network of
spam traps, and provides rapid notification to customers if their
Internet Protocol (IP) addresses are listed in public Domain Name
Server Block Lists (DNSBL). This information helps customers
locate, disinfect, and protect these systems from future
Sophos recommends companies protect themselves with a consolidated solution which can control network access and defend
against the threats of spam, hackers, spyware and viruses.