On The Insider: Britney's Bikini-Clad Top 10
BNET Business Network:
BNET
TechRepublic
ZDNet

October 21st, 2008

Zombie PCs: 'Time to infection is less than five minutes'

Posted by Andrew Nusca @ 9:24 am

Categories: Offbeat news

Tags: Infection, PC, Microsoft Corp., Zombie, Computer, Productivity, Internet, Security, Viruses And Worms, Andrew Nusca

ZombiesA fascinating — and horrifying — new article in The New York Times offers the lowdown on “zombie computers,” the half-a-million-or-so machines that are converted, assembled into systems called “botnets” and forced to do a shadowy figure’s bidding, namely in the form of automated programs that send the majority of e-mail spam, illegally seek financial information and install malicious software on still more PCs.

Lock up your Windows and children!

In what sounds like the plot of 28 Days Later — computer “rage,” anyone? –  the Times reports that botnets are alive and strong, according to shadowserver.org, a site that tracks such things:

“The mean time to infection is less than five minutes,” said Richie Lai, who is part of Microsoft’s Internet Safety Enforcement Team, a group of about 20 researchers and investigators. The team is tackling a menace that in the last five years has grown from a computer hacker pastime to a dark business that is threatening the commercial viability of the Internet.

Great Scot! The simple reality of these bots is terrifying to the security-minded: Any computer connected to the Internet can be vulnerable. Botnet attacks can come with their own antivirus software, permitting the programs to take over a computer and then effectively remove other malware competitors.

According to the article, Microsoft investigators “were amazed recently to find a botnet that turned on the Microsoft Windows Update feature after taking over a computer, to defend its host from an invasion of competing infections.”

Good lord. What’s more, botnets have evolved quickly to make detection more difficult, recently using “fast-flux,” a technique that generates a rapidly changing set of Internet addresses to make the botnet more difficult to locate and disrupt.

Yikes. So what’s a user to do?

First, take Microsoft’s Malicious Software Removal Tool out for a ride. Then make sure your firewall is up and you’re up to date with all security patches.

Then pray. Because these zombies are hard to find, much less kill. Just last week, Secunia, a computer security firm,  tested a dozen leading PC security suites and found that the best one detected only 64 out of 300 software vulnerabilities.

Has your computer ever gone zombie? Tell us in TalkBack.

Andrew NuscaAndrew J. Nusca is an associate editor for ZDNet and SmartPlanet. See his full profile and disclosure of his industry affiliations.


Email Andrew NuscaFollow on Twitter

Subscribe to The ToyBox via Email alerts or RSS.

  • Talkback
  • Most Recent of 287 Talkback(s)
RE: Zombie PCs: 'Time to infection is less than five minutes'
The source article from the NYT, is a re-hash of an article from 2003, not current news. Note that the article references "An early version of Windows XP". Also note that the NYT article is from October 2008. . . . .

This "mean time to infection less than five minutes" crops up every year.... (Read the rest)
Posted by: medezark@... Posted on: 10/01/09 You are currently: a Guest | | Terms of Use
What is a user to do????  DonnieBoy | 10/21/08
One word.  Sleeper Service | 10/21/08
Agreed, NO Windows.  DonnieBoy | 10/21/08
Until you get a large enough market share  mdemuth | 10/21/08
Market share or none...  storm14k | 10/21/08
(Yawn) $10 eBay router, best firewall  Seamus O'Brog | 10/23/08
Not so fast swifty  madirish2600 | 10/24/08
That old nonsense?  kozmcrae | 10/21/08
Uninformed  TedKraan | 10/22/08
Until you get a large enough market share  Thempleton | 10/22/08
Market-share  alqualunde@... | 10/22/08
Ignorance  sir4taye@... | 10/22/08
Your crystal ball has as many holes in it  Ole Man | 10/22/08
Okay, my pupil..  TedKraan | 10/23/08
[rolling eyes] "can you say . . .  brian ansorge | 10/23/08
ZZZZZzzzz - stupidity is boring....nt  USTechHead | 10/22/08
On word:  Anne O'Neimaus | 10/22/08
Unless  AzuMao | 10/27/08
What a bunch of clueless idiots  Mectron | 10/23/08
Yes devil  Linux User 147560 | 10/21/08
Culture Minds ...  daboochmeister | 11/06/08
better "one word"  TG2 | 11/13/08
Sweet  AzuMao | 11/14/08
Enough already!  Flying Pig | 10/21/08
Best case?  Yagotta B. Kidding | 10/21/08
Living in paradise...  tgilbert@... | 10/21/08
Some places won't be able to run Linux  markdean | 10/21/08
Even then SOME PEOPLE CAN'T USE LINUX  library assistant | 10/21/08
Send a check?  kozmcrae | 10/21/08
So are you buying?  library assistant | 10/21/08
another troll  do it yourself IT | 10/21/08
You have it backasswards.  kozmcrae | 10/21/08
You guys are missing the point... Epic FAIL...  Wolfie2K3 | 10/22/08
@wolfie2k3: Ouch  TedKraan | 10/22/08
85 hours x $100/hr = $85,000 ? ? ? ?  michael.detroit@... | 10/22/08
You'd better hope your boss don't read that, Wolfie2K3  Ole Man | 10/22/08
@Wolfie  User07734 | 10/23/08
Ever heard of competition?  Ole Man | 10/21/08
Well said.  kozmcrae | 10/21/08
Ok... So what you're really saying here...  Wolfie2K3 | 10/22/08
Have you looked at Linux??  BryanReyn | 10/22/08
...the Fittest  Q'sDad | 10/22/08
Wolfie, u may be a Windoze Whizz BUT(T).....  btljooz | 10/22/08
Go back and read what I said, s...l...o...w....l...y...  Ole Man | 10/22/08
"first Windows . . . "  brian ansorge | 10/23/08
Message has been deleted.  EmperorDarius | 10/22/08
We don't need any help.  kozmcrae | 10/22/08
Who is it holding a gun to your head?  Ole Man | 10/22/08
Suggestions you want.  TripleII | 10/21/08
Agreed.  AzuMao | 10/27/08
Thinking about Wine and Accountants....  SaipanMan95 | 10/22/08
Quickbooks equivalent in Linux  btljooz | 10/22/08
PS:  btljooz | 10/22/08
You're wrong. Most won't.  Flying Pig | 10/22/08
News for you  daengbo | 10/23/08
Just see what happens if Linux were as popular as Windows...  kozmcrae | 10/21/08
Correction  daengbo | 10/23/08
Indeed correct  TedKraan | 10/23/08
semantics  User07734 | 10/23/08
windows IS multi-session... kinda...  robsku | 10/23/08
rewrite windows?  robsku | 10/23/08
False statement.  TripleII | 10/21/08
Interesting idea  TedKraan | 10/22/08
Couple of links.  TripleII | 10/22/08
Try working in the REAL world of IT  Flying Pig | 10/22/08
sad  gertruded | 10/22/08
Not Sad At All  Flying Pig | 10/22/08
Then use a VM or upgrade to Vista.  TripleII | 10/22/08
Actually, we are  Flying Pig | 10/22/08
Re: Try working in the REAL world of IT.  hkommedal | 10/22/08
You are right!  Ole Man | 10/22/08
The key word is "mainly"  Flying Pig | 10/23/08
I don't know, but you just may have locked yourself down  Ole Man | 10/22/08
Been there, read that (with addendum)  Flying Pig | 10/23/08
Ahhh, yes, now I see  Ole Man | 10/23/08
"Amen and Amen" from a Linux user  Seamus O'Brog | 10/23/08
Under the Radar  JsloNt@... | 10/21/08
In some sense, yes  markdean | 10/21/08
Patently FALSE...  SpikeyMike | 10/21/08
Don't you mean  TedKraan | 10/22/08
Patently  daengbo | 10/23/08
If you have  TedKraan | 10/22/08
FUD  gertruded | 10/22/08
Linux uhh no big NO!  JR2012 | 10/21/08
Hey!  kozmcrae | 10/21/08
Nawww!  Ole Man | 10/21/08
Uh, yes is what you were looking for  zkiwi | 10/21/08
You would be the first.  TripleII | 10/21/08
Good post  TedKraan | 10/22/08
will wine run the spyware?  nazcalito | 10/21/08
Yes  TedKraan | 10/22/08
WINE & spyware  robsku | 10/23/08
Or learn how to admin a Windows box...  Confused by religion | 10/21/08
Yes... but no.  magallanes | 10/22/08
LOL - thank you...cha-ching...nt  USTechHead | 10/22/08
Better word...Jail  Modgirl | 10/22/08
Far be it from me...  Anne O'Neimaus | 10/22/08
" Security is mostly superstition. It does not exist in nature"  Ole Man | 10/22/08
Wow!  Ole Man | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Telix | 10/21/08
Ok, agreed, OpenBSD is more secure.  DonnieBoy | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Loverock Davidson | 10/21/08
Have to agree  frgough | 10/21/08
two years or so out of date, sorry  rousta_bout@... | 10/21/08
Dial-up users can be safe...  Anton Philidor | 10/21/08
Protection for dial-up users  kwwall@... | 10/22/08
You're absolutely correct...  LiquidLearner | 10/21/08
No doubt!  daMan25 | 10/21/08
you ought to read the article  rousta_bout@... | 10/21/08
Like we are going to believe you over the New York Times?! LOL  Linux User 147560 | 10/21/08
I agree with Loverock...  Mahegan | 10/21/08
Yup.  joe.smetona@... | 10/21/08
Because...  ye | 10/21/08
I don't use Vista, but...  joe.smetona@... | 10/21/08
Will you be the first one to...  ye | 10/21/08
Windows had to change from the ground up.  joe.smetona@... | 10/21/08
I didn't see any explanation as to...  ye | 10/21/08
OK Here's 3 off the top of my head:  markdean | 10/21/08
BZZT! Care to try again?  ye | 10/21/08
@ye: Okay  TedKraan | 10/22/08
@TedKraan: Just what is this supposed to prove?  ye | 10/22/08
@ye: Spot the differences:  TedKraan | 10/22/08
ELF  daengbo | 10/23/08
So about that 5 minute thing?  zkiwi | 10/21/08
As is usual it's outdated information.  ye | 10/21/08
So...  zkiwi | 10/21/08
The five minute average is referring to XP systems pre-SP2  ye | 10/22/08
Ah well...  zkiwi | 10/22/08
how come there are all those botnets.  deowll | 10/21/08
Applications  TedKraan | 10/22/08
Attack vectors come from even the unsuspected sources  mystic100 | 10/22/08
OMG - real world?  waltmaine | 10/21/08
I think the study you are refering to...  deowll | 10/21/08
The real problem  TedKraan | 10/22/08
"no chance"? I'd dare say that is too broad a brush  markdean | 10/21/08
Baby steps Loverock...  kozmcrae | 10/21/08
Trouble is, once you click "I agree" to your EULA  Ole Man | 10/21/08
Mr Davidson  TedKraan | 10/22/08
This is what I would do  mystic100 | 10/22/08
That's an option  TedKraan | 10/23/08
so what's a user to do?  elllroy | 10/21/08
Don't you wish it was that easy  Zeddd | 10/21/08
The only problem with that argument...  storm14k | 10/21/08
Ah ... the solution at last?  tgilbert@... | 10/21/08
For once your sarcasm hit the spot  Ole Man | 10/21/08
Who's reading my logs?  tgilbert@... | 10/22/08
As a PC gamer  TedKraan | 10/22/08
attempt to DOS them off the internet since its all they can do.  deowll | 10/21/08
So there is a HOPE diamond...  arminw | 10/21/08
Think of malware as a bull in a pasture  Ole Man | 10/21/08
All three were vulnerable to that hack.  kozmcrae | 10/21/08
Correction -- Linux machine not compromised  daengbo | 10/23/08
don't be ridiculous  library assistant | 10/21/08
Hey Microsoft.  kozmcrae | 10/21/08
I'd love to tell Microsoft  library assistant | 10/21/08
They have the best and highest paid, you won't tell them anything.  kozmcrae | 10/22/08
Time to infection is less than five minutes  3D0G | 10/21/08
From the article:  ye | 10/21/08
5 Minute quote came from MS  j.m.galvin | 10/21/08
But he was spot on when he said...  ye | 10/21/08
Wrong.  macoafi | 10/21/08
He was quoting the number given in the article.  ye | 10/21/08
Agreed, but  daengbo | 10/24/08
I can't be certain but...  deowll | 10/21/08
So, the article is actually about  Mahegan | 10/21/08
Actually No.  The_Quietman | 10/21/08
Misguided if so  Yagotta B. Kidding | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  SoftwareDeveloperMI | 10/21/08
Looks like you need to upgrade to Vista.  ye | 10/21/08
Vista isn't any safer.  The_Quietman | 10/21/08
An OS can only do so much.  ye | 10/21/08
A friend with 2 young kids.  joe.smetona@... | 10/21/08
... and a trained monkey  tgilbert@... | 10/21/08
It's called real life experience.  joe.smetona@... | 10/23/08
Give your friend and his two young kids an unprivileged...  ye | 10/21/08
Big Difference $$$$$$$$$  joe.smetona@... | 11/21/08
Re: joe.smet  AzuMao | 11/22/08
Re: AzuMao  joe.smetona@... | 12/31/08
=P  AzuMao | 01/01/09
But Vista  TedKraan | 10/22/08
Did they give you a none privileged account?  deowll | 10/21/08
The CanSec security challenge illustrated that.  ye | 10/21/08
Those end runs will get you every time.  kozmcrae | 10/21/08
It is my understanding Flash installs...  ye | 10/22/08
Not system  daengbo | 10/24/08
determined to punch holes in Windows security  Ole Man | 10/21/08
Here is what you do:  CobraA1 | 10/21/08
Beware your Linux and Mac friends?  roystonlodge | 10/21/08
You responding to the right person?  CobraA1 | 10/21/08
They are not...  arminw | 10/21/08
How could Windows become any harder to infect?  ye | 10/21/08
I'd invite you to check your statistics  CobraA1 | 10/21/08
Mac or OSX?  roystonlodge | 10/22/08
Truth? Or truthiness?  Yagotta B. Kidding | 10/21/08
As far as I'm concerned  tracy anne | 10/25/08
There's basically 2 groups here.  joe.smetona@... | 10/25/08
Then just move to linux!  bendib | 10/31/08
oh, and you can get linux free at my site!  bendib | 10/31/08
Any AV I've seen for Linux is really for Windows.  joe.smetona@... | 12/31/08
Assume everybody has a virus.  deowll | 10/21/08
Or use Norton  library assistant | 10/21/08
It's not "use Norton"  kozmcrae | 10/21/08
Nah  library assistant | 10/21/08
Norton is the worst  EmperorDarius | 10/22/08
Who do you trust?  tgilbert@... | 10/21/08
Damages?  kozmcrae | 10/21/08
Paranoid schizophrenics  Ole Man | 10/21/08
Irony?  CobraA1 | 10/22/08
RE: Zombie PCs: Microsoft is in on the infections  TomDeMan | 10/21/08
Unfortunately, you're wrong.  Alan Burns | 10/21/08
Just a question  deowll | 10/21/08
They write the virus to keep you scared.. THINK ABOUT IT  PenguinPowerPusher | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Regman999 | 10/21/08
What!! No Porn!!!...  Regman999 | 10/21/08
It sounded so nice...  MGP2 | 10/21/08
A couple of (maybe stupid) questions...  roystonlodge | 10/21/08
How to tell  JsloNt@... | 10/21/08
How to tell  rob@... | 10/22/08
Not 100% sure.  deowll | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  TomDeMan | 10/21/08
No power = dead bot  charlesurrea@... | 10/21/08
What to do?  Yagotta B. Kidding | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  rob@... | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  drdata@... | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  rcalahan1@... | 10/21/08
Process or program name for the Zombie?  Curiousguy99 | 10/21/08
I am not a troll  library assistant | 10/21/08
Not sure who you are replying to, however...  TripleII | 10/21/08
This really shows the unwise choice in XP for UMPC.  TripleII | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  jwintersmith@... | 10/21/08
You need to call your doctor!  TripleII | 10/21/08
RE: More media sensationalism.  Bozzer | 10/21/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  JOHN_TUOHY | 10/22/08
@Wolfie2K - 100 *85 =8500 and not 85.000  Kostagh | 10/22/08
didn't even notice that..  TedKraan | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Kostagh | 10/22/08
I just don't get you guys...  Kostagh | 10/22/08
The story was about  TedKraan | 10/22/08
How do you know?  TripleII | 10/22/08
Yep, I have my Windows boxes locked down tight, too  Ole Man | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  mike acker | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  no_zd_user_name | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  medezark@... | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  dtoro | 10/22/08
Must be a humorous piece.  alf@... | 10/22/08
Actually, because:  btljooz | 10/22/08
Can be evaded  EmperorDarius | 10/22/08
I wish u luck, E.D., ur gonna NEED it! n/t  btljooz | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  cmcintosh | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Franciscus101 | 10/22/08
Take a look at distros like Ubuntu and PCLOS.....  btljooz | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  oneoldgeek@... | 10/22/08
The above post was aimed at Wolfie and is on target. n/t  btljooz | 10/22/08
Is market share to blame? Does Linux = Windows?  davidr69 | 10/22/08
Cooper Tires in Union workers  Dilberter | 10/22/08
Cause and effect  davidr69 | 10/22/08
It's one of the common misperceptions  TedKraan | 10/23/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Dilberter | 10/22/08
It's no longer a game, so they're not thinking like a gamer  spec07 | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  bj70117@... | 10/22/08
m0n0wall  j.dupont | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  jackofalltradesmasterofnone | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  jackofalltradesmasterofnone | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  CBR1000F | 10/22/08
Time to infection is less than five minutes?  gbentley@... | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Ozone71 | 10/22/08
What dark figure would attempt to infect 0.9 % of PC users?  transposeIT | 10/22/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  zdnet@... | 10/23/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  Lars777 | 10/23/08
OS is irrelevant  Dr_Zinj | 10/23/08
Much Improved  nucrash | 10/23/08
Restricted Users  Island Gecko | 10/23/08
Linux is a great solution, but it is not feasible for everyone...  tracy anne | 10/24/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  ereshkagal | 10/23/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  swamprob@... | 10/23/08
Pleeeeease don't say "Get Linux"  tracy anne | 10/24/08
So it's Linux or nothing?  swamprob@... | 10/24/08
Why not ask your daddy?  Ole Man | 10/24/08
No, it's not Linux or nothing  tracy anne | 10/25/08
A ZDNet search engine  Ole Man | 10/24/08
Yikes. So what's a user to do?  tracy anne | 10/24/08
this news is pure FUD.  qmlscycrajg | 10/24/08
Hey!, you just made an oxymoron  Ole Man | 10/24/08
Who has a PC connected to the internet without a firewall any more??????  Narg | 10/24/08
A firewall will not protect you  schmandel@... | 10/24/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  dalgleish100 | 11/11/08
RE: Zombie PCs: 'Time to infection is less than five minutes'  medezark@... | 10/01/09

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
Keep Up With The Latest In Document Management with The DocuMentor.
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
Learn more >>
The best support in the Linux business
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
Learn more >>
Reduce risk. Reduce complexity. Increase reliability.
A simplified IT environment isn't just less complex. It's also more reliable. Standardize on a single Linux platform with SUSE Linux Enterprise from Novell, and get the world's most interoperable Linux
Learn more >>
Learn more about tools to grow your business
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
Save time with the UPS Business Essentials Guide
Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
Learn more about the free, six-month trial offer>>
The best support in the Linux business
If Linux is going to power your mission-critical applications, you'd better have the best support known to business. Novell was rated the top provider of Linux technical support.
Learn more >>
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here