Zombie legions want your brain

Ever wonder why your e-mail’s spam box is always so full of ads for counterfeit pharmaceuticals (a.k.a. 'pharm spam'), penny stocks, sex aids, and fake Rolexes?

One reason is the opportunity to hijack millions of PCs to create botnets. This can happen by way of a driveby download (which can also steal your information without your knowledge). The download installs malware such as a Trojan, virus, or worm, and your computer becomes just one part of a vast army of zombie computers remotely controlled by a bot herder, sending out millions of spam messages, often containing malware or phishing scams, or launching denial of service attacks on Web sites.

A huge botnet called Walowdac, which sent out 1.5 billion spam e-mails a day containing the Waledac Trojan, was taken down in January, and the connection between the bot herder and the botnet computers severed. Yet, unknown to their owners, many of the zombie computers continued to operate through February. Many New Jersey computers were part of that botnet. Was yours?

Another reason for all those spam e-mails: Plenty of people actually respond to spam. When the order log from a spammer was accidently revealed on the Internet, an ad suggesting men use an herbal supplement to accomplish a biologically impossible feat resulted in six thousand orders over a one-month period from a wide range of people you might expect to know better.

According to a 2008 study, one person in 12.5 million responds to spam. (that’s a less than 0.00001 per cent reply rate). It might not seem like much, but this brought in more than $3.5 million a year to the 'Storm' network, a million-strong botnet which was declared dead in 2008, but, in true Zombie fashion, recently was found to have risen from the dead.

This is not to say that all botnets are up to no good. Botnets are essentially a form of distributed computing; many computers are linked together to perform work in parallel, accomplishing a lot more number crunching in a shorter period of time.

More than 10 years ago, the Search for Extraterrestrial Intelligence (SETI) at the University of California at Berkeley launched the SETI@home project, which allowed the average Internet geek to help look for aliens. Participants downloaded a program that would run in the background of their computers, and they could actually feel good about acting as “space minutemen,” ensuring that lizards in human suits didn’t sneak up on us and eat our lunch (or us).

Today, White Hat botnets are working on a range of projects, including climate change prediction, nano-magnetic molecular behavior observations, the search for pulsars, controlling malaria in Africa, and modeling the human mind. While this might not sound like fun to the random Farmville aficionado, it does actually help advance science. Something to think about the next time you click on that “What’s Your IQ?” link on Facebook that ultimately just wants your phone number so it can charge your phone bill $10 for your credulity.

Your computer's brain does not have to be Zombie food. But it's up to you to protect it. Use the following list in your Zombie survival planning, and your computer will not join the ranks of the Zombified.

The United States Computer Emergency Readiness Team recommends the usual security procedures like strong passwords and firewalls, and keeping both your anti-virus and other software up-to-date. While outdated anti-virus programs will miss ever new, improved and mutating viruses, your operating system (like Windows or Mac), browsers (like Internet Explorer, Firefox, Safari, Opera, or Chrome), e-mail and other programs often have vulnerabilities that require updates to protect them and keep them running well.

But just as in the fight against the real-life undead, awareness and vigilance should be your Internet companions. (May IS the official Zombie Awareness Month of the Zombie Research Society.)

Among a number of social engineering schemes cooked up by the 'Storm' gang were fake electronic greeting cards. E-cards have been a staple of our online lives--we send about half a billion e-cards a year--but that's all the more reason to pay closer attention to the links in greeting card e-mails.

If it's not shuffling around your house with hollow eyes and demanding "Brains!", how do you know if your computer has become a zombie?

If you note slower performance generally, slower Web page loading, random pop-up ads when your browser is closed, hard-drive sounds when you're not using your computer, and bounce notifications for e-mails you didn't send, run a virus scan (your updated anti-virus program should find it). A malicious software removal tool will help you get rid of the malware.

Remember: The reason spammers keep sending more and more spam is because people open it. So you can help by not even opening the spam and by not buy products advertised in spam. If you pretty much assume the Rolex isn't real, neither are the drugs, the stocks will fail, and there are just some things that are physically impossible, you won't be tempted.