Categories: Archives

Campbell: Microsoft takes spam to court

Pittsburgh might be ground zero for the inevitable zombie invasion, but Microsoft is already… Pittsburgh might be ground zero for the inevitable zombie invasion, but Microsoft is already fighting a zombie army that transcends borders.

Sure, computer zombies probably won’t eat your brain, but they have become one of the most serious threats to any computer with an Internet connection.

A new virus network, the Waledac botnet, is a large and formidable enemy of virus-free computers everywhere. The spam that the Waledac network sent can contain scams to secure personal information and steal identities.

A botnet is a network of computers infected by a virus code — in this case the Waledac virus. Once infected, computers become “zombies” that appear to be working normally to their users, but behind the scenes, they are at the mercy of the hacker who can give them the fatal bite.

Zombie computers are commonly used either to spread the virus itself — which makes the Waledac virus even more formidable — or to send out large quantities of spam.

Computers connected through the Waledac network have many means of communicating. Microsoft seems to take the position that the Waledac computers communicate primarily using a series of registered domain names.

Microsoft is going after these domain names in its recent quest against the spread of these zombie viruses.

It’s commonly thought that Microsoft is reactive — rather than proactive — to malware and security issues. We want to blame the company for making a fundamentally insecure product and patching those holes only when someone exploits them.

No matter how much we want to avoid admitting it, Microsoft has attempted to strike first by using the legal system to fight the battle against security threats.

Microsoft recently and successfully attacked a botnet, Waledac, through the court system. A botnet is a collection of “zombie” computers under the influence of a virus. Like zombies, any computer could be infected, and we might not notice until its too late.

With this success, Microsoft announced that it will attempt to attack other botnets with a similar tactic. Shutting down these botnets would put a large dent in the population of security threats affecting Microsoft Windows machines.

As a result, Microsoft turned to the legal system.

To reduce the influence and damage of the Waledac network, Microsoft developed a legal tactic of proactively removing domain names from the Internet.

With the help of VeriSign, the company that registered the domain names, Microsoft successfully had 277 domain names deregistered and shut down.

While the true success of Microsoft’s legal maneuverings is questioned, Microsoft declared victory over Waledac and plans to use similar legal attacks on other botnets.

According to a PCWorld article, written by Gregg Keizer and published Feb. 25, critics of Microsoft’s legal tactic cite the abilities of Waledac and similar networks to communicate without the registered domains.

Keizer quoted a representative of SecureWorks, a company describing itself as “the information security experts,” as he explained the way by which Waledac computers can work around shuttered domain names.

Computers in the network have the ability to communicate directly with one another through hard-coded addresses, put in place by the original Waledac virus.

To attack these hard-coded addresses, Microsoft would be forced to bar specific computers from access to the Internet.

Even if disconnecting a single computer was not legally ridiculous, Lavasoft, the maker of the anti-malware software Ad-Aware, estimates on its website that Waledac consists of 20,000 to 30,000 infected computers.

Even if Microsoft’s critics are correct and the Waledac network is not truly crippled, Microsoft’s commitment to trying its legal avenues is refreshing.

If Microsoft begins to attack these botnets from multiple angles and explores even more legal methods of shutting down the backbone of the zombie networks, real reductions in spam and Trojan virus spread might occur.

Unfortunately, for now the legal tactics, combined with Microsoft’s ongoing strategy of patching security issues when they arise, are commonly insufficient in protecting computer users from becoming victims.

Lavasoft urges computer users to take common sense precautions to prevent infection. The company suggests that Microsoft users keep their virus definition files and virus scan software up to date.

Users should also refrain from opening e-mail attachments — even images — from unknown senders.

The Waledac virus can also be downloaded from a series of malicious sites. Users should therefore not follow links directly from e-mails and should never agree to install extension applications from unfamiliar websites.

Waledac malicious sites can commonly inform the user that an executable file must be downloaded and installed for additional content on the site to become visible.

Keeping up to date with Microsoft’s security patches is also an excellent idea.

Good news is coming from the world of virus prevention, but it seems that the best defense is just more defense.

Virus prevention seems to be a game of lowering your chances of infection by preventing the obvious exploitable security holes.

Pitt News Staff

Share
Published by
Pitt News Staff

Recent Posts

Frustrations in Final Four: Pitt volleyball collects fourth straight loss in Final Four

The best team in Pitt volleyball history fell short in the Final Four to Louisville…

3 days ago

Olivia Babcock wins AVCA National Player of the Year

Pitt volleyball sophomore opposite hitter Olivia Babcock won AVCA National Player of the Year on…

3 days ago

Photos: Pitt women’s basketball falters against Miami

Pitt women’s basketball fell to Miami 56-62 on Sunday at the Petersen Events Center.

4 days ago

Photos: Pitt volleyball downs Kentucky

Pitt volleyball swept Kentucky to advance to the NCAA Semifinals in Louisville on Saturday at…

4 days ago

Photos: Pitt wrestling falls to Ohio State

Pitt Wrestling fell to Ohio State 17-20 on Friday at Fitzgerald Field House. [gallery ids="192931,192930,192929,192928,192927"]

4 days ago

Photos: Pitt volleyball survives Oregon

Pitt volleyball survived a five-set thriller against Oregon during the third round of the NCAA…

4 days ago