Pittsburgh might be ground zero for the inevitable zombie invasion, but Microsoft is already… Pittsburgh might be ground zero for the inevitable zombie invasion, but Microsoft is already fighting a zombie army that transcends borders.
Sure, computer zombies probably won’t eat your brain, but they have become one of the most serious threats to any computer with an Internet connection.
A new virus network, the Waledac botnet, is a large and formidable enemy of virus-free computers everywhere. The spam that the Waledac network sent can contain scams to secure personal information and steal identities.
A botnet is a network of computers infected by a virus code — in this case the Waledac virus. Once infected, computers become “zombies” that appear to be working normally to their users, but behind the scenes, they are at the mercy of the hacker who can give them the fatal bite.
Zombie computers are commonly used either to spread the virus itself — which makes the Waledac virus even more formidable — or to send out large quantities of spam.
Computers connected through the Waledac network have many means of communicating. Microsoft seems to take the position that the Waledac computers communicate primarily using a series of registered domain names.
Microsoft is going after these domain names in its recent quest against the spread of these zombie viruses.
It’s commonly thought that Microsoft is reactive — rather than proactive — to malware and security issues. We want to blame the company for making a fundamentally insecure product and patching those holes only when someone exploits them.
No matter how much we want to avoid admitting it, Microsoft has attempted to strike first by using the legal system to fight the battle against security threats.
Microsoft recently and successfully attacked a botnet, Waledac, through the court system. A botnet is a collection of “zombie” computers under the influence of a virus. Like zombies, any computer could be infected, and we might not notice until its too late.
With this success, Microsoft announced that it will attempt to attack other botnets with a similar tactic. Shutting down these botnets would put a large dent in the population of security threats affecting Microsoft Windows machines.
As a result, Microsoft turned to the legal system.
To reduce the influence and damage of the Waledac network, Microsoft developed a legal tactic of proactively removing domain names from the Internet.
With the help of VeriSign, the company that registered the domain names, Microsoft successfully had 277 domain names deregistered and shut down.
While the true success of Microsoft’s legal maneuverings is questioned, Microsoft declared victory over Waledac and plans to use similar legal attacks on other botnets.
According to a PCWorld article, written by Gregg Keizer and published Feb. 25, critics of Microsoft’s legal tactic cite the abilities of Waledac and similar networks to communicate without the registered domains.
Keizer quoted a representative of SecureWorks, a company describing itself as “the information security experts,” as he explained the way by which Waledac computers can work around shuttered domain names.
Computers in the network have the ability to communicate directly with one another through hard-coded addresses, put in place by the original Waledac virus.
To attack these hard-coded addresses, Microsoft would be forced to bar specific computers from access to the Internet.
Even if disconnecting a single computer was not legally ridiculous, Lavasoft, the maker of the anti-malware software Ad-Aware, estimates on its website that Waledac consists of 20,000 to 30,000 infected computers.
Even if Microsoft’s critics are correct and the Waledac network is not truly crippled, Microsoft’s commitment to trying its legal avenues is refreshing.
If Microsoft begins to attack these botnets from multiple angles and explores even more legal methods of shutting down the backbone of the zombie networks, real reductions in spam and Trojan virus spread might occur.
Unfortunately, for now the legal tactics, combined with Microsoft’s ongoing strategy of patching security issues when they arise, are commonly insufficient in protecting computer users from becoming victims.
Lavasoft urges computer users to take common sense precautions to prevent infection. The company suggests that Microsoft users keep their virus definition files and virus scan software up to date.
Users should also refrain from opening e-mail attachments — even images — from unknown senders.
The Waledac virus can also be downloaded from a series of malicious sites. Users should therefore not follow links directly from e-mails and should never agree to install extension applications from unfamiliar websites.
Waledac malicious sites can commonly inform the user that an executable file must be downloaded and installed for additional content on the site to become visible.
Keeping up to date with Microsoft’s security patches is also an excellent idea.
Good news is coming from the world of virus prevention, but it seems that the best defense is just more defense.
Virus prevention seems to be a game of lowering your chances of infection by preventing the obvious exploitable security holes.
From hosting a “kiki” to relaxing in rural Indiana, students share a wide scope of…
Pitt women’s basketball defeats Delaware State 80-45 in the Petersen Events Center on Wednesday, Nov.…
Recent election results in such states have raised eyebrows nationwide, suggesting a deeper shift in…
Over the past week, President-elect Donald Trump began announcing his nominations for Cabinet secretaries —…
Pitt professors give their opinions on what future reproductive health care will look like for…
Pitt police reported one warrant arrest for indecent exposure at Forbes and Bouquet, the theft…