Microsoft digs up zombie network horror

By Matt Whipp

Posted on 28 Oct 2005 at 12:19

Microsoft has revealed the true scale of the 'zombie' threat in an experiment that has founded 13 investigations into spam operations.

The company says it intentionally set up a zombie computer, stuck it online for three weeks and watched what happened.

Although the machine was configured so that it wouldn't actually send out any spam itself, it was quickly identified as a new recruit to the zombie networks and enlisted for spamming duties.

Reseachers noted 5m requests for connections to the machine over the period and attempts to send 18m spam messages carrying advertising for 13,000 websites.

'The widespread use of zombie computers to commit crimes over the Internet presents a very real danger to law-abiding computer users,' said Tim Cranton, director of Internet Safety Enforcement Programs at Microsoft. 'This is precisely why Microsoft initiated this investigation into zombies and took legal action. As a result, we have identified more than a dozen spamming operations exploiting zombie networks to send millions of illegal spam messgaes. We will continue our investigations and will maintain a steady, concerted effort to indentify and target criminals to help make the Internet safer.'

Microsoft is also working with the Federal Trade Commission on the Operation Spam Zombies initiative, that seeks to encourage ISPs to take action against any zombie systems they identify on their networks.

In addition Microsoft set up its Postmaster and Smart Network Data Services monitoring last May, which allows ISPs to identify ip addresses on their network that are sending spam to Microsoft's Hotmail email service.

And spam is not the only problem. Networks of 'zombie' computers, or botnets, can be used to launch phishing attacks, seed new viruses, launch denial of service attacks and be put to other sinister uses.

However, the emphasis is still on education and encouragement of best practices. There is as yet no legal requirement for consumers to have security software on their machines, or for ISPs to shut out identified compromised machines on their networks.

Both Microsoft and the FTC offer top tips for consumers on how to stay safe online. The UK Government also launched its own Get Safe Online campaign yesterday.