With Halloween coming up, the fear and fascination with the walking dead is everywhere. In recent years, the Centers for Disease Control have used zombie alerts to warn of the flu. Highway departments have also used zombie mania to get people to try to slow down, though that has drawn a lot of criticism. But they’re all latecomers. Back in 2007, the FBI issued a warning about zombie attacks. Nothing tongue in cheek about this one, either; it was very serious indeed.
These weren’t the kind of modern zombie that wants to eat your brains; these zombies were more traditional, in that they had become the unwitting, helpless slaves of an evil master. Yet these zombies are not undead flesh and blood; they lust after your PC, laptop, tablet, or smartphone, to turn it into a zombie machine just like the rest and use it to attack other devices.
The threat is still quite real, and an infestation can not only quickly destroy your files and render your computer useless to you, but also make it a danger to the entire Internet.
Hordes of zombies
Zombie programs, also called “bots”, hijack computers through trickery. Infection often occurs when the user is tricked into opening an email attachment with a virus or into visiting a booby-trapped webpage, though bots can also arrive in downloaded files. Free screensavers are also a common means of infection, because a screensaver is an executable program. The virus quickly commandeers the computer to steal personal information, wipe out files, send out spam, spread spyware, or even stash illegal content. Tens of thousands of computers can be on a single botnet, and the managers or “bot herders” of such systems will even sell access to other managers.
Back in 2007, the FBI’s “Operation Bot Roast” identified over 1 million infected computers. They notified the owners, most of whom had no idea their computers were compromised. Six people, all from the US save for one from New Zealand, faced charges.
Earlier that year, the Storm botnet was discovered, which may have comprised anywhere from as few as a quarter of a million up to 50 million infected computers. It was used for a variety of criminal activities, and the behavior of the infected machines changed over time, indicating its masters were tracking and actively blocking any attempts to disable it. Vicious attacks were quickly directed against individuals and security labs who were researching how it worked. Transitioning to a form of cyberwar, it even forced entire countries off the Net.
Late in 2007, the Storm botnet began to split into segments, possibly because its masters were interested in selling or leasing portions of their zombie empire to other criminals. In 2008, it was used in phishing scams against Barclays and other British banks. Though seemingly in decline ever since, the FBI still considers the Storm botnets to be a major risk for increased cybercrime like bank fraud and identity theft.
The Storm botnet was very sophisticated. Its still-unknown creators changed tactics, using trumped-up email headlines; exploiting a weakness on the Republican Party’s website and another at YouTube; and even luring unwary email recipients with offers of a “Christmas strip show”. It also could defend itself quite aggressively, fighting back and punishing those too curious, and its secret controllers monitored its progress and updated it to get around defenses.
Signs of zombie infections
Bots burrow deep within the operating system. They may include rootkits: hidden software that conceals their malicious activities and can be extremely difficult to remove. As a result, it can be hard to even tell if a computer is infected unless the infection is aggressive enough to visibly interfere with operations. Telltale signs may include the computer running slowly, strange pop-ups and notices, or Internet traffic or outgoing email when there should be none. If you receive an email from somebody in your address book saying that you are sending spam, that itself is a symptom. However, some spammers steal addresses or generate them automatically, so this is not always definitive.
More than just your personal laptop and computer is at risk. Smartphones have already been targeted, too, first with the Zeus bot in early 2010. Not only are phone bots a threat to your personal information, they can even make calls or send texts to premium numbers without you ever knowing until you get the bill.
The threat is growing rapidly, especially with increasing interconnections between smartphones and computers. Last year, Google had to remove over 50 virus-infected apps from their app store. Smartphone security in general has a lot of catching up to do.
It’s worth noting that the iPhone, like other Apple products, has so far had few viruses targeting it. In fact, most threats that do exist aim at “jailbroken” iPhones, those unlocked to use unapproved applications. But all smartphones are at risk as they share certain universal vulnerabilities. The threat will only increase because criminals can make a lot of money as the use of mobile phones spreads throughout all phases of life and commerce.
SWCP fights zombies
Southwest Cyberport monitors overall network traffic and watches for the latest alerts. If we see an unusual amount of activity, or receive reports of spam coming from our users, we will quickly notify them. However, by that time the infected computer might be almost useless, so it’s far better to prevent infection in the first place.
To avoid the curse of the zombies, use a firewall and keep your virus protection current. Update your system as needed, and scan downloaded files before opening. Some websites offer free scanning, but be very careful: check their reputation online before accepting any offers. Some are known to report an overabundance of spyware to get you to buy their products — or even use the scan to install some.
If you get a suspicious email or attachment that you’re not sure about, call us. For members, SWCP will scan for malware on your machine in our offices, one free scan per year. We’ll also install free antivirus programs, and if your own programs need reinstalling, we’re happy to do that too if we’re provided a disk and the proper code.
Zombies threaten everybody. Fortunately, to fight this kind, you don’t need a shotgun and a flamethrower. Firewalls, anti-virus protection, and common sense are much more effective.