Zombie (computing)

In

DDoS attack by multiple botnet machines also resembles a "zombie horde attack", as depicted in fictional zombie films

Advertising

Zombie computers have been used extensively to send

spammers to avoid detection and presumably reduces their bandwidth costs, since the owners of zombies pay for their own bandwidth. This spam also greatly increases the spread of Trojan horses, as Trojans are not self-replicating. They rely on the movement of e-mails or spam to grow, whereas worms can spread by other means.^[3] For similar reasons, zombies are also used to commit click fraud against sites displaying pay-per-click advertising. Others can host phishing or money mule

recruiting websites.

Distributed denial-of-service attacks

Zombies can be used to conduct

distributed denial-of-service (DDoS) attacks, a term which refers to the orchestrated flooding of target websites by large numbers of computers at once. The large number of Internet users making simultaneous requests of a website's server is intended to result in crashing and the prevention of legitimate users from accessing the site.^[4] A variant of this type of flooding is known as distributed degradation-of-service. Committed by "pulsing" zombies, distributed degradation-of-service is the moderated and periodical flooding of websites intended to slow down rather than crash a victim site. The effectiveness of this tactic springs from the fact that intense flooding can be quickly detected and remedied, but pulsing zombie attacks and the resulting slow-down in website access can go unnoticed for months and even years.^[5]

The computing facilitated by the Internet of Things (IoT) has been productive for modern-day usage, yet it has played a significant role in the increase in web attacks. The potential of IoT enables every device to communicate efficiently, but this also intensifies the need for policy enforcement regarding security threats. Among these threats, Distributed Denial-of-Service (DDoS) attacks are prevalent. Research has been conducted to study the impact of such attacks on IoT networks and to develop compensating provisions for defense.^[6] Consultation services specialized in IoT security, such as those offered by IoT consulting firms, play a vital role in devising comprehensive strategies to safeguard IoT ecosystems from cyber threats.

Notable incidents of distributed denial- and degradation-of-service attacks in the past include the attack upon the

MafiaBoy

', a Canadian teenager.

Smartphones

Beginning in July 2009, similar botnet capabilities have also emerged for the growing

Etisalat BlackBerry spyware program. In the 2010s, the security community is divided as to the real world potential of mobile botnets. But in an August 2009 interview with The New York Times, cyber security consultant Michael Gregg summarized the issue this way: "We are about at the point with [smart]phones that we were with desktops in the '80s."^[7]

References

^ "Zombie - Port Security". August 3, 2021.
^ Tom Spring (June 20, 2005). "Spam Slayer: Slaying Spam-Spewing Zombie PCs". PC World. Archived from the original on July 16, 2017. Retrieved December 19, 2015.
ISBN 978-0-7656-1748-4
.

ISBN 978-0-13-233385-6
.

ISBN 1-85109-731-7
.

S2CID 52924506
.

New York Times. Archived
from the original on July 16, 2017. Retrieved July 16, 2017.

External links

This article's use of external links may not follow Wikipedia's policies or guidelines. Please improve this article by removing excessive or inappropriate external links, and converting useful links where appropriate into footnote references. (May 2017) (Learn how and when to remove this template message)

Botnet operation controlled 1.5 million PCs

Is Your PC a Zombie? on About.com Archived July 24, 2011, at the Wayback Machine

Intrusive analysis of a web-based proxy zombie network

A detailed account of what a zombie machine looks like and what it takes to "fix" it Archived April 27, 2006, at the Wayback Machine

Correspondence between Steve Gibson and Wicked

Zombie networks, comment spam, and referer [sic] spam

The New York Times: Phone Hacking Threat is Low, But It Exists

Hackers Target Cell Phones, WPLG-TV/ABC-10 Miami

Researcher: BlackBerry Spyware Wasn't Ready for Prime Time

Forbes: How to Hijack Every iPhone in the World

Hackers Plan to Clobber the Cloud, Spy on Blackberries^{[permanent dead link]}

SMobile Systems release solution for Etisalat BlackBerry spyware

LOIC IRC-0 - An Open-Source IRC Botnet for Network Stress Testing

An Open-Source IRC and Webpage Botnet for Network Stress Testing

v
t
e
Information security
Related security categories

Computer security

Automotive security

Cybercrime
Cybersex trafficking

Computer fraud

Cybergeddon

Cyberterrorism

Cyberwarfare

Electromagnetic warfare

Information warfare

Internet security

Mobile security

Network security

Copy protection

Digital rights management

vectorial version
Threats

Adware

Advanced persistent threat

Arbitrary code execution

Backdoors

Hardware backdoors

Code injection

Crimeware

Cross-site scripting

Cross-site leaks

DOM clobbering

History sniffing

Cryptojacking

Botnets

Data breach

Drive-by download

Browser Helper Objects

Viruses

Data scraping

Denial-of-service attack

Eavesdropping

Email fraud

Email spoofing

Exploits

Hacktivism

Insecure direct object reference

Keystroke loggers

Logic bombs

Time bombs

Fork bombs

Zip bombs

Fraudulent dialers

Malware

Payload

Phishing
Voice

Polymorphic engine

Privilege escalation

Ransomware

Rootkits

Scareware

Shellcode

Spamming

Social engineering

Spyware

Software bugs

Trojan horses

Hardware Trojans

Remote access trojans

Vulnerability

Web shells

Wiper

Worms

SQL injection

Rogue security software

Zombie

Defenses

Application security
Secure coding

Secure by default

Secure by design
Misuse case

Computer access control
Authentication
Multi-factor authentication

Authorization

Computer security software
Antivirus software

Security-focused operating system

Data-centric security

Obfuscation (software)

Data masking

Encryption

Firewall

Intrusion detection system
Host-based intrusion detection system (HIDS)

Anomaly detection

Security information and event management (SIEM)

Mobile secure gateway

Runtime application self-protection

Site isolation

v
t
e
Malware topics
Infectious malware

Comparison of computer viruses

Computer virus

Computer worm

List of computer worms

Timeline of computer viruses and worms

Concealment

Backdoor

Clickjacking

Man-in-the-browser

Man-in-the-middle

Rootkit

Trojan horse

Zombie computer

Malware for profit

Adware

Botnet

Crimeware

Fleeceware

Form grabbing

Fraudulent dialer

Malbot

Keystroke logging

Privacy-invasive software

Ransomware

Rogue security software

Scareware

Spyware

Web threats

By operating system

Android malware

Classic Mac OS viruses

iOS malware

Linux malware

MacOS malware

Macro virus

Mobile malware

Palm OS viruses

HyperCard viruses

Protection

Anti-keylogger

Antivirus software

Browser security

Data loss prevention software

Defensive computing

Firewall

Internet security

Intrusion detection system

Mobile security

Network security

Countermeasures

Computer and network surveillance

Honeypot

Operation: Bot Roast

Retrieved from "https://en.wikipedia.org/w/index.php?title=Zombie_(computing)&oldid=1216821773"

[1] "Zombie - Port Security". August 3, 2021.

[2] Tom Spring (June 20, 2005). "Spam Slayer: Slaying Spam-Spewing Zombie PCs". PC World. Archived from the original on July 16, 2017. Retrieved December 19, 2015.

[3] ISBN 978-0-7656-1748-4
.

[4] ISBN 978-0-13-233385-6
.

[5] ISBN 1-85109-731-7
.

[6] S2CID 52924506
.

[7] New York Times. Archived
from the original on July 16, 2017. Retrieved July 16, 2017.

[3]

[4]

[5]

[6]

[7]

Advertising

Distributed denial-of-service attacks

Smartphones

See also

References

External links