Zombies

A zombie is a computer that is remotely controlled and used for malicious purposes, without the legitimate user’s knowledge.

A virus or Trojan can infect a computer and open a “back door” that gives other users access. As soon as this happens, the virus sends a message back to the virus writer, who can now control the computer remotely via the internet. From now on, the computer is a “zombie”, doing the bidding of others, although the user is unaware. Collectively, such computers are called a “botnet”.

The virus writer can share or sell access to control his or her list of compromised computers, allowing others to use them for malicious purposes.

For example, a spammer can use zombie computers to send out spam mail. Up to 80% of all spam is now distributed in this way. This enables the spammers to avoid detection and to get around any blocklisting applied to their own servers. It can also reduce their costs, as the computer’s owner is paying for the internet access.

Hackers can also use zombies to launch a “denial-of-service” attack. They arrange for thousands of computers to attempt to access the same website simultaneously, so that the web server is unable to handle all the requests reaching it. The website thus becomes inaccessible.

See also Denial-of-service attack, Spam, Backdoor Trojan.

Sophos.com