Night Of The Living Computers

As Halloween looms, zombies worm their way into our consciousness once more. But these days your traditional zombie has a rival – not exactly a clone, but a modern version with equally nasty habits.

Where the original zombie was said to be typically a reanimated corpse or a human being controlled by someone else by use of magic, today’s computer version is controlled by cyber criminals who are usually after your bank, social network or webmail credentials.

Traditional zombies originated in the West African spiritual belief system of voodoo, and became a popular device in modern horror fiction, largely because of the successful 1968 film Night of the Living Dead.

Four decades later, we are still fighting zombies. The computer variety connects to the Internet after an innocent user’s PC has been compromised by a hacker, computer virus or malicious software called a trojan. Usually, a compromised machine is one of many in a botnet, which will be used to perform malicious tasks of one sort or another under remote direction.

Most zombie-infected computer owners are unaware that their system is being used in this way. This lack of awareness is why such computers are compared to traditional zombies.

The modern zombies have been growing in strength and power over recent times. The bad news for their victims is that today’s industrialised hackers are dispelling two zombie myths: (1) zombies are unco-ordinated, and (2) zombies are slow.

With just a few clicks, a hacker can issue command-and-control (C&C) instructions to waken a group of zombies. This group then becomes part of the attacker’s ‘botnet’ – a cyber-army under his/her control. The attacker then issues different C&C instructions to the botnet to perform the required cyber-attack.

A major goal of these botnets is to probe Web application vulnerabilities and extract valuable data, such as:

  • Banking credentials to gain access to a victim’s online banking system.
  • Social network credentials to hijack a victim’s profile, scrape their friend list and send out spam.
  • Webmail account credentials to gain personal information on the individual for spear-phishing.

The bottom line is, beware of zombies because today’s sophisticated hackers can conduct fully muscular attack campaigns, using a corporate ‘dashboard’ detailing attack movements and advancements, within an hour!

How do you fight a computer zombie? To avoid being the next victim, use common sense. If a link seems too good, don’t click. Update your computer with the latest patches, and ensure your anti-virus software is always enabled and up-to-date.

So, safe computing for Halloween, plus the rest of the year. And watch out for those ‘real’ zombies!

Noa Bar-Yosef is a senior security researcher with the Imperva Application Defense Center. She conducts research on database and Web application vulnerabilities. Previously, she has held TA positions in courses on programming and network security at Tel Aviv University and Open University. She has also been a software engineer with educational software vendor Sunburst Technology. Noa holds a Master of Science degree (specialising in information security) from Tel Aviv University, School of Computer Science and a Bachelor of Science degree from The Hebrew University, School of Computer Science. During her work at Imperva, Noa has discovered multiple vulnerabilities in various commercial applications and worked with software vendors on their resolution. Noa has also presented at a number of conferences, including Infosec Canada (2008) and SECRYPT 2007 (Spain).