There is a zombie attack happening! No, not the zombies we have all become so familiar with from movies and television. These zombies don’t have an appetite for humans, but they are just as dangerous and you won’t even see them coming. In fact, you may already own a zombie-controlled device at home. If so, it is very likely your device is just one of a vast network of thousands or even millions forming a botnet. A true zombie invasion!
Who hasn’t received that amazing email – “You have won $10,000 please click the link below to process your payment” – simple everyday spam, but is there just someone out there sending these emails to millions of people every day? Cue the attack of the zombies. As a result, in 2016 roughly 65 percent of email was spam and 80 percent of that was distributed by botnets. Spam is just one of the many duties a botnet will perform. Other operations it will carry out include:
- Performing phishing operations
- Identifying and infecting other machines, spreading viruses and malware
- Participating in DDoS attacks
- Generating fraudulent clicks on advertising links on web pages
- Capturing information on compromised machines
- Harnessing the computing power of machines or performing computing operations including distributed password cracking
- Conducting illegal trade operations by managing access to unauthorized product sales sites or counterfeit goods sites via fast-flux
- Theft of bank card data and passwords
The Necurs Botnet
Possibly the world’s largest and most dangerous botnet is currently the Necurs botnet, consisting of over 6 million endpoints. Starting in 2014, Necurs began utilizing its zombie horde to release ransomware upon the masses, notably CryptoWall and Locky. CryptoWall alone stole close to $325 million from infected users or companies in 2015. In 2016 Necurs began pushing the Dridex malware to its infected hosts. This malware’s sole purpose is to utilize macros from unpatched versions of Microsoft Word; thus, millions of devices around the world were infected.
Zombie Prevention Tactics
Stick with the basics.
- Current and correctly configured antivirus software
- Patching and updates of all operating systems and applications (this is imperative, as in most cases hackers will know about an exploitable flaw before even the software vendor does.)
- A fully updated and correctly configured business-class firewall.
- User education (Don’t click where you shouldn’t or open attachments from unknown sources. Always double and triple check the sending email address.)
The zombie masses will only continue to grow and do everything they can to spread from system to system. Awareness and prevention can go a long way to keeping your device from becoming a casualty. Contact The TNS Group today to learn more about protecting your company or organization from malware such as this.
By: Steve Hathaway, Engineering, The TNS Group