Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
Zombie (computing)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
{{Short description|Compromised computer used for malicious tasks on a network}} {{Use mdy dates|date=July 2017}} {{About|the term "zombie" in computer security|"zombie" in UNIX programming|Zombie process}} In [[computing]], a '''zombie''' is a computer connected to the Internet that has been [[computer security|compromised]] by a [[Hacker (computer security)|hacker]] via a [[computer virus]], [[computer worm]], or [[Trojan horse (computing)|trojan horse]] program and can be used to perform malicious tasks under the remote direction of the hacker. Zombie computers often coordinate together in a [[botnet]] controlled by the hacker, and are used for activities such as spreading [[e-mail spam]] and launching [[distributed denial-of-service attack]]s (DDoS attacks) against web servers. Most victims are unaware that their computers have become zombies. The concept is similar to the [[zombie]] of [[Haitian Voodoo]] folklore, which refers to a corpse resurrected by a [[Sorcerer (supernatural)|sorcerer]] via magic and enslaved to the sorcerer's commands, having no free will of its own.<ref>{{Cite web|url=https://www.ccexpert.us/port-security/zombie.html|title = Zombie - Port Security|date = August 3, 2021}}</ref> A coordinated [[DDoS attack]] by multiple botnet machines also resembles a "zombie horde attack", as depicted in fictional [[zombie film]]s. [[File:Circle of spam.svg|300px|right|thumb|(1) Spammer's web site (2) Spammer (3) Spamware (4) Infected computers (5) Virus or trojan (6) Mail servers (7) Users (8) Web traffic]] ==Advertising== Zombie computers have been used extensively to send [[Email spam|e-mail spam]]; as of 2005, an estimated 50–80% of all spam worldwide was sent by zombie computers.<ref>{{Cite web |author=Tom Spring |date=June 20, 2005 |url=http://www.pcworld.com/article/121381/article.html |title=Spam Slayer: Slaying Spam-Spewing Zombie PCs |publisher=PC World |access-date=December 19, 2015|archive-date=July 16, 2017|archive-url=https://web.archive.org/web/20170716042122/http://www.pcworld.com/article/121381/article.html|url-status=live}}</ref> This allows [[spammer]]s to avoid detection and presumably reduces their [[Bandwidth (computing)|bandwidth]] costs, since the owners of zombies pay for their own bandwidth. This spam also greatly increases the spread of [[Trojan horse (computing)|Trojan horses]], as Trojans are not self-replicating. They rely on the movement of e-mails or spam to grow, whereas worms can spread by other means.<ref>{{cite book|title=Managing Information in the Public Sector|page=221|first=Jay D.|last=White|publisher=M.E. Sharpe|year=2007|isbn=978-0-7656-1748-4}}</ref> For similar reasons, zombies are also used to commit [[click fraud]] against sites displaying [[pay-per-click]] advertising. Others can host [[phishing]] or [[money mule]] recruiting websites. == Distributed denial-of-service attacks == Zombies can be used to conduct [[distributed denial-of-service]] (DDoS) attacks, a term which refers to the orchestrated flooding of target websites by large numbers of computers at once. The large number of Internet users making simultaneous requests of a website's server is intended to result in crashing and the prevention of legitimate users from accessing the site.<ref>{{cite book|title=The Truth about Avoiding Scams|page=[https://archive.org/details/truthaboutavoidi0000weis/page/201 201]|first=Steve|last=Weisman|publisher=FT Press|year=2008|isbn=978-0-13-233385-6|url-access=registration|url=https://archive.org/details/truthaboutavoidi0000weis/page/201}}</ref> A variant of this type of flooding is known as distributed degradation-of-service. Committed by "pulsing" zombies, distributed degradation-of-service is the moderated and periodical flooding of websites intended to slow down rather than crash a victim site. The effectiveness of this tactic springs from the fact that intense flooding can be quickly detected and remedied, but pulsing zombie attacks and the resulting slow-down in website access can go unnoticed for months and even years.<ref>{{cite book|title=Internet and the Law|year=2006|page=325|first=Aaron|last=Schwabach|publisher=ABC-CLIO|isbn=1-85109-731-7}}</ref> The computing facilitated by the [[Internet of things|Internet of Things]] (IoT) has been productive for modern-day usage, yet it has played a significant role in the increase in web attacks. The potential of IoT enables every device to communicate efficiently, but this also intensifies the need for policy enforcement regarding security threats. Among these threats, Distributed Denial-of-Service (DDoS) attacks are prevalent. Research has been conducted to study the impact of such attacks on IoT networks and to develop compensating provisions for defense.<ref>{{Cite journal|last1=Lohachab|first1=Ankur|last2=Karambir|first2=Bidhan|date=2018-09-01|title=Critical Analysis of DDoSβAn Emerging Security Threat over IoT Networks|url=https://doi.org/10.1007/s41650-018-0022-5|journal=Journal of Communications and Information Networks|language=en|volume=3|issue=3|pages=57β78|doi=10.1007/s41650-018-0022-5|s2cid=52924506|issn=2509-3312|url-access=subscription}}</ref> Consultation services specialized in IoT security, such as those offered by [https://gravitechdreams.com/service/iot-consulting/ IoT consulting firms]{{dead link|date=January 2025|bot=medic}}{{cbignore|bot=medic}}, play a vital role in devising comprehensive strategies to safeguard IoT ecosystems from cyber threats. Notable incidents of distributed denial- and degradation-of-service attacks in the past include the attack upon the [[Spam Prevention Early Warning System|SPEWS]] service in 2003, and the one against [[Blue Frog]] service in 2006. In 2000, several prominent Web sites ([[Yahoo]], [[eBay]], etc.) were clogged to a standstill by a distributed denial of service attack mounted by '[[MafiaBoy]]', a Canadian teenager. == Smartphones == {{Update|section|date=April 2021}} Beginning in July 2009, similar botnet capabilities have also emerged for the growing [[smartphone]] market. Examples include the July 2009 in the "wild" release of the Sexy Space [[text message]] worm, the world's first botnet capable [[SMS]] worm, which targeted the [[Symbian]] operating system in [[Nokia]] smartphones. Later that month, researcher [[Charlie Miller (security researcher)|Charlie Miller]] revealed a [[proof of concept]] text message worm for the [[iPhone]] at [[Black Hat Briefings]]. Also in July, [[United Arab Emirates]] consumers were targeted by the [[Etisalat]] BlackBerry [[spyware]] program. In the 2010s, the security community is divided as to the real world potential of mobile botnets. But in an August 2009 interview with ''[[The New York Times]]'', cyber security consultant [[Michael Gregg]] summarized the issue this way: "We are about at the point with [smart]phones that we were with desktops in the '80s."<ref>{{cite web|url=https://gadgetwise.blogs.nytimes.com/2009/08/14/phone-hacking-threat-is-low-but-it-exists/|title=Phone Hacking Threat Is Low, but it Exists|first=Roy|last=Furchgott|website=Gadgetwise Blog|publisher=[[New York Times]]|access-date=July 16, 2017|date=August 14, 2009|archive-date=July 16, 2017|url-status=live|archive-url=https://web.archive.org/web/20170716042023/https://gadgetwise.blogs.nytimes.com/2009/08/14/phone-hacking-threat-is-low-but-it-exists/}}</ref> ==See also== * [[BASHLITE]] * [[Botnet]] * [[Denial-of-service attack]] * [[Low Orbit Ion Cannon]] * [[Malware]] * [[RDP shop]] * [[Trojan horse (computing)]] ==References== {{Reflist}} ==External links== {{external links|date=May 2017}} *[https://web.archive.org/web/20061230152432/http://www.vnunet.com/vnunet/news/2144375/botnet-operation-ruled-million Botnet operation controlled 1.5 million PCs] *[http://antivirus.about.com/od/whatisavirus/a/zombiepc.htm Is Your PC a Zombie? on About.com] {{Webarchive|url=https://web.archive.org/web/20110724184532/http://antivirus.about.com/od/whatisavirus/a/zombiepc.htm |date=July 24, 2011 }} *[http://tweezersedge.com/archives/2005/02/000534.html A detailed account of what a zombie machine looks like and what it takes to "fix" it] {{Webarchive|url=https://web.archive.org/web/20060427120006/http://tweezersedge.com/archives/2005/02/000534.html |date=April 27, 2006 }} {{Information security}} {{Malware}} [[Category:Computer network security]] [[Category:Denial-of-service attacks]] [[Category:Zombies]] [[Category:Botnets]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)
Pages transcluded onto the current version of this page
(
help
)
:
Template:About
(
edit
)
Template:Cbignore
(
edit
)
Template:Cite book
(
edit
)
Template:Cite journal
(
edit
)
Template:Cite web
(
edit
)
Template:Dead link
(
edit
)
Template:External links
(
edit
)
Template:Information security
(
edit
)
Template:Malware
(
edit
)
Template:Reflist
(
edit
)
Template:Short description
(
edit
)
Template:Update
(
edit
)
Template:Use mdy dates
(
edit
)
Template:Webarchive
(
edit
)