by Lamont Wood
Special to LiveScience
Unseen, unnamed forces are barraging you with lies, and if you weaken
and believe them your computer will be turned into a zombie.
No, that's not a blurb for a bad sci-fi movie -- it's a description of
what's happening on any desktop containing an Internet-connected PC.
Before the month is even done, April has set a record for virus
e-mails, thanks to a virulent and successful malware called the Storm
Virus, Adam Swidler, a manager at Postini Inc., a spam filter service
in San Carlos, CA, told LiveScience.
A Storm Virus e-mail carries alarming news blurbs (originally
concerning bad weather -- hence the name) in its subject
line. Clicking on the attached file causes a Trojan to download,
installing botnet software that turns your PC into a zombie, placing
it under someone else's remote control.
Security software vendor Symantec Inc. recently reported detecting
63,912 zombies on an average day, and that during the last half of
2006 it detected 6,049,594 separate zombies; 29 percent more than
during the first half of 2006. (More than a quarter were in China,
where computer security is a relatively new topic.)
How it works
In the background, when you may not notice, your computer will begin
following the orders of its distant master.
Some zombies get rented out for denial of service attacks, but most
send out bulk loads of spam. Some of the spam will contain copies of
the virus that enslaved it. (Yes, it's reproducing.) These days,
however, the spam is as likely to tout a particular company,
announcing extravagant news that, if true, is certain to drive the
stock price of that firm through the roof.
Unfortunately, the news is fiction; the botmaster has picked out a
thinly-traded penny stock and has bought a block of shares, sometimes
through hijacked online trading accounts. After the barrage of spam goes
out, enough gullible people buy shares of the stock to cause its price
to move upwards -- and the botmaster sells at a profit. The price then
crashes, burning those who bought it.
"There's evidence that some of the people who buy the stock know
exactly what's going on, but figure they can ride the stock price as
it goes up and get out when the spammer does," Swidler said. "But they
This "pump-and-dump" process is a hallmark of what's also called 'Spam
Unlike first-generation spam, which tries to sell something and
therefore can be traced to its perpetrator, Spam 2.0 has no obvious
link to the source of its funding, making it even more insidious and
harder to stop.
In response, the Securities and Exchange Commission has tried
temporarily freezing the trading of stocks touted in spam. "But the
spammers don't seem discouraged at all by the SEC's actions," observed
Swidler. "We have not seen any impact."
Self-protection, therefore, is paramount. Experts agree on several
Don't open files that are attached to spam, or to any e-mail whose
source you are not sure about. If your Internet service provider
offers spam filtering, use it, or get your own spam filtering
software. Acquire anti-virus and anti-adware software and keep them
updated. Use a firewall. Since most malware takes advantage of
security flaws in the operating system, make sure you have acquired
the latest patches. Current versions of Microsoft Windows can do so
automatically if there's a network connection.
And finally, "Don't respond to any unsolicited offers on the Internet,
stock or otherwise," Swidler urged.
Visit LiveScience.com for more daily news, views and scientific
inquiry with an original, provocative point of view. LiveScience
reports amazing, real world breakthroughs, made simple and stimulating
for people on the go. Check out our collection of Science, Animal and
Dinosaur Pictures, Science Videos, Hot Topics, Trivia, Top 10s,
Voting, Amazing Images, Reader Favorites, and more. Get cool gadgets
at the new LiveScience Store, sign up for our free daily email
newsletter and check out our RSS feeds today!
Copyright 2007 LiveScience.com
For more news and headlines, please go to: