Security news
Security news29 February 2008
18-year-old alleged botnet king appears in New Zealand court Owen Thor Walker charged with computer crimes
Botnet computers are comandeered by hackers to send spam, steal identities and spread malware.
Experts at SophosLabs™, Sophos's global network of virus, spyware and spam analysis center, have reminded organizations of the threat posed by zombie networks after a teenager was accused of being at the center of an international cybercrime network.
18-year-old Owen Thor Walker, a computer programmer from Hamilton, New Zealand, has been charged with two counts of accessing a computer for dishonest purposes, damaging with a computer system, possessing software for committing crimes, and two counts of accessing a computer system without permission. If found guilty, Walker could face up to 10 years in jail.
When arrested in November 2007, it was alleged that Walker - known by his online handle 'AKILL' - was the boss of a gang that infected 1.3 million computers around the world, stealing banking and credit card information.
"Hackers can use zombie networks of innocent people's computers to send spam, manipulate stock prices, steal identities and attack company websites. These botnets are one of the biggest security problems faced by the internet today, and are a powerful weapon in the hands of an experienced cybercriminal," said Graham Cluley, senior technology consultant at Sophos. "Some people may feel that this case is a long way away because it's happening in New Zealand, but Sophos tracks thousands of compromised computers around the world every hour, doing the bidding of remote hackers. It is essential that computer users put in place strong defences to properly protect their PCs."
Walker appeared in Thames Magistrate's Court in northern New Zealand, and was released on bail. News of the charges against him follow the unconnected arrest last week of 17 young people in Quebec alleged to have infected up to a million computers in 100 countries around the world.
Last month Sophos published its annual Security Threat Report, which discussed how financially-motivated cybercriminals use zombie botnets in their pursuit of money.
- Download "Sophos Security Threat Report 2008"
- Download the podcast on the Security Threat Report 2008
Zombie computers - are your PCs under someone else's control?
Zombie computers can be used by criminal hackers to launch distributed denial-of-service attacks, spread spam messages or to steal confidential information. SophosLabs estimates that more than 99 percent of all spam today originates from zombie computers.
As spammers become more aggressive, collaborating with virus writers to create armies of zombie computers, legitimate organizations with hijacked computers are being identified as a source of spam. This not only harms the organization's reputation, but can also cause the company's email to be blocked by others.
Sophos ZombieAlert™ advises service subscribers when any computer on their network is found to have sent spam to Sophos's extensive global network of spam traps, and provides rapid notification to customers if their Internet Protocol (IP) addresses are listed in public Domain Name Server Block Lists (DNSBL). This information helps customers locate, disinfect, and protect these systems from future attacks.
About Sophos
Sophos enables enterprises all over the world to secure and control their IT infrastructure. Sophos's network access control, endpoint, web and email solutions simplify security to provide integrated defenses against malware, spyware, intrusions, unwanted applications, spam, policy abuse, data leakage and compliance drift. With over 20 years of experience, Sophos protects over 100 million users in nearly 150 countries with its reliably engineered security solutions and services. Recognized for its high level of customer satisfaction and powerful yet easy-to-use solutions, Sophos has received many industry awards, as well as positive reviews and certifications.
Sophos is headquartered in Boston, US and Oxford, UK. More information is available at www.sophos.com
