Many PCs are slow for innocent reasons: not having enough RAM or having too many programs installed. But sometimes slowdown is a sign your computer has been hijacked and forced to join an army. A zombie army.
It sounds like the plot of a direct-to-DVD horror movie, but it's actually the latest, and most dangerous, threat to emerge from the internet criminal underworld.
How Your Computer Becomes a Zombie
Zombification, just like in the movies, happens quickly. According to Sophos, a security firm, it only takes as little as five minutes of internet exposure for unprotected computers to catch the infection.
It happens like this: criminals create programs that scan the internet for vulnerable computers. Once they find one, they release 'bots' – programs that infect your computer. These are extremely sophisticated and hard-to-detect nasties that exploit weaknesses in Windows that make them incredibly hard to find. In one study, a top-of-the-line anti-virus program missed a whopping 80% of all infections.
After bots hit your computer, they... kill other bots or infections. That's right, most bots carry their own anti-malware code to eliminate all rivals. Once they're the only ones left, the real damage begins.
Bots make your zombified computer (also known as a drone) join up with other zombie PCs, to create an undead army known as a botnet. These botnets are controlled by a botnet herder - think of him as a zombie master – who often has hundreds or thousands of computers at his command. With this unprecedented computing power at his fingertips, he's ready for some serious criminal mischief.
What's So Bad about Being a Zombie?
Botnets are responsible for almost all of the illegal spam cluttering the world's inboxes, and they do everything from stealing financial information to shutting down websites by overloading their bandwidth in Distributed Denial of Service Attacks.
You won't know this is going on, but since your computer is busy committing crimes, it'll be a lot slower doing all the legitimate stuff you want it to do.
Worse still, the bot is probably spying on you. Most of these programs record keystrokes (it's called keylogging) so they can steal passwords. Keylogging is usually triggered by certain actions – such as when you visit your bank's website.
Prevent or Kill the Zombie Infection
A good, updated commercial anti-virus tool can detect some of the bots and eliminate them. But the best offense is a good defense. According to Shadowserver, a respected, non-profit security watchdog group, the worldwide global menace of botnets could be stopped in its tracks if more computers were properly protected.
Here's what they recommend:
- Turn your firewall on.
- Use a trusted commercial anti-virus tool that routinely updates. If your subscription is cancelled, it's worth renewing it.
- Make sure you regularly get the latest updates for Windows and all your applications – criminals are working 24 hours a day, every day, discovering new exploits to hijack your PC, and you have to be as well-defended as possible.
- Cross your fingers. It's tough out there.