What are Zombie Computer?

Information SecuritySafe & SecurityData Structure

Zombie computer is a computer under grab of a spammer who has infected the computer connected to a network with malware so that it facilitates as a tool of a spammer by sending out hundreds of emails from the owner’s email address. Therefore, an innocent user’s computer sends hundreds of spam messages without the awareness of the user. The spammers arrange zombie computers into small teams known as botnets. These botnets send spam such as phishing attempts, viruses and worms.

Computers become element of a zombie network through malicious application (malware) that is unknowingly installed by users or automatically installed through a security network's back door, or by corrupting internet browser vulnerabilities.

The malware leaves particularized networking ports open, enabling computer access by external users. Zombie networks run same types of malware that can be several networks operated by multiple criminal entities (cyber or otherwise).

In Zombie computer, it is used as follows −

Denial-of-Service-Attacks − One of the famous ways zombie computers are used is in denial-of-service-attacks, generally called a DDoS. In these attacks, several computers tries to access one website concurrently. The higher number of computers at the hacker’s disposal, the higher the attack.

In turn, if the site does not have the resources to host the several computers that tries to visit it, the site’s server will unavoidably crash and because these threats appear from several computers, it makes it complex to determine and shut down the initial source of the attack. Accordingly, hackers can extort the owners of the site for money, and in turn, assurance to stop future attacks.

Phishing − Phishing is a simple way to hack the password of some user. In this attack, the hacker request the user to enter his password. In the phishing email, a hacker sent the fake login page to the undisputed user, which is related to any service, the hacker required to access.

The page requests the user to write some bad issues which it can discover in their security. After that, the page glance their password. The hackers can use that password to receive the sensitive data of the user.

Spidering − The techniques which are used in phishing attacks and social engineering attacks are also used in spidering. Savvy hackers have learned that the passwords used in the corporate workstation are made of business-associated words. In the brute force attack, the custom words list is constructed by Website sales material, listed users on websites, reviewing corporate literature, and website of competitions. The procedure is automated by savvy hackers.

Updated on 03-Mar-2022 09:48:52