Threat of the month: Corporate zombies
Zombies are not just infected home PCs; rogue malware can also infect corporate machines turning them into zombies or bots.
How does it work?
Browsing with unpatched IE makes users susceptible to “drive by” attacks from web sites with embedded malicious code. Clicking on a spam email attachment can also download the zombie trojan. Once installed, the trojan hides itself, in some cases disabling desktop anti-virus software. It can be controlled by botmasters and forced to participate in malicious activity.
Should I be worried?
A security managers' worst nightmare is to have a third party controlling machines on their networks, and zombies do just that, with criminal intent. While the most visible symptom is spewing out spam and malware, these hidden programs can also compromise corporate data by logging keystrokes, opening backdoors, stealing information, and taking over additional machines on the network.
How can I prevent it?
First, use real-time email and web filtering solutions that block malicious email messages and web pages. Then, use a dynamic zombie detection system that can identify if your corporation has been compromised by identifying zombie traffic.
— Rebecca Steinberg Herson, Commtouch Software
From the - December 2007 Issue of SCMagazine »