What is a Zombie Computer?
In IT security, a zombie computer is a computer that is being remotely controlled by a person or group of cybercriminals without the owner’s or user’s awareness. Such people create an army of zombie computers, also known as a botnet, with the intention of doing something wrong or illegal with the computers they bring under their control. Zombie computers can, for instance, be used to send spam or launch a DDoS attack, which is explained in Bright Hub’s article What is a Denial-of-Service Attack?
As spam and DDoS attacks also use up the victim computer’s bandwidth, the user of the zombie computer will likely notice network and Internet congestion, but it is doubtful that users in general can tell what is going on or can differentiate the phenomenon from other relatively heavy network traffic, such as that caused by downloading large OS updates or upgrades. Other, less noticeable uses of zombies include smart DDoS attacks and click fraud, which, in this context, is when zombie computers are instructed to visit web sites and click the perpetrator’s own advertisements, thereby cheating ad networks such as Adbrite or Adsense.
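As an added illustration (not part of the original article), the sketch below shows how per-host flow summaries can tell the two kinds of heavy traffic apart: a spam-sending zombie contacts many different mail servers, while an OS update is one large download from a few hosts. The host names, flow records and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records (not real traffic):
# (source host, destination host, destination TCP port, bytes sent, bytes received)
FLOWS = (
    [("pc-01", f"mx{i}.example.net", 25, 4_000, 300) for i in range(40)]
    + [("pc-02", "updates.example.com", 443, 20_000, 900_000_000)]
    + [("pc-03", "mail.example.org", 25, 6_000, 500),
       ("pc-03", "www.example.com", 443, 3_000, 250_000)]
)

SMTP_PORT = 25
MAX_MAIL_SERVERS = 5        # assumed: a desktop normally talks to very few mail servers
BULK_BYTES = 100_000_000    # assumed: what counts as a "large" download


def summarize(flows):
    """Aggregate byte counts and distinct SMTP destinations per source host."""
    stats = defaultdict(lambda: {"smtp_dests": set(), "sent": 0, "received": 0})
    for src, dst, dport, sent, received in flows:
        entry = stats[src]
        entry["sent"] += sent
        entry["received"] += received
        if dport == SMTP_PORT:
            entry["smtp_dests"].add(dst)
    return stats


def classify(flows, max_mail_servers=MAX_MAIL_SERVERS, bulk_bytes=BULK_BYTES):
    """Label each source host as 'spam-like', 'bulk-download' or 'normal'."""
    verdicts = {}
    for host, entry in summarize(flows).items():
        if len(entry["smtp_dests"]) > max_mail_servers:
            # Fan-out to many mail servers is the spam pattern, whatever the volume.
            verdicts[host] = "spam-like"
        elif entry["received"] >= bulk_bytes and entry["received"] > 10 * entry["sent"]:
            # Heavy but download-dominated traffic, as with an OS update.
            verdicts[host] = "bulk-download"
        else:
            verdicts[host] = "normal"
    return verdicts


if __name__ == "__main__":
    for host, verdict in sorted(classify(FLOWS).items()):
        print(host, verdict)
```

Both pc-01 and pc-02 would feel slow to their users, but only pc-01 shows the fan-out to many mail servers.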
Zombie computers have been infected with a blended threat consisting of remote control software plus malware, which makes no noise but waits silently until the cybercriminals decide they want to monetize them or launch an attack, and thus wake up their army of zombies. Zombie computers are controlled by a number of intermediate computers, which are also compromised but are not directly used in sending out spam or participating in an attack; rather, they send the wake-up calls and instructions to the zombies while adding a layer of protection for the owner of the botnet, who is therefore difficult to trace and apprehend.
The best practice for protecting your computer against becoming a zombie is to run powerful, up-to-date anti-virus and anti-spyware software on top of a patched operating system. Unless there is a corporate firewall, perhaps even a network intrusion prevention and detection system, it is also recommended to turn on Windows’ integrated firewall or that of your anti-malware solution. Should you suspect your computer of being a zombie, I recommend calling your admin or an IT specialist; do not power off your computer, but disconnect the network cable.