As part of its Internet-security awareness program, Microsoft Corp has announced that it would track down zombie networks, which are home PCs that have been infected with viruses and have thus become participants in spamming and phishing networks.
To nab the culprits behind zombie networks, Microsoft intentionally downloaded a virus onto a computer and followed it closely. The company found that once the computer was linked to the Internet, it received five million connection requests from spam operators. As a result, the infected computer tried to send over 18 million spams in 20 days.
“This was a pretty astonishing number for us. We knew that it would be a high volume, but this was an even greater volume of spam than we had anticipated passing through one computer. The widespread use of zombie computers to commit crimes over the Internet presents a very real danger to law-abiding computer users,” said Tim Cranton, director of Internet Safety Enforcement Programs at Microsoft.
In August, Microsoft filed a lawsuit in King County Superior Court against the anonymous operators of these networks. “Microsoft brings about this action to halt and remedy defendants' practice of remotely controlling computers of unsuspecting victims and sending millions of misleading and deceptive unsolicited commercial email messages, or spam, through them,” the lawsuit says. The anonymous defendants for the lawsuit have been referred to as 'John Does'.
Through the lawsuit, Microsoft hopes to use the IP address route to identify and find 13 spam networks that made use of the zombie network the computer under surveillance participated in. If nabbed, those operating these networks will face criminal proceedings. “In two to three months, we will amend the lawsuit to name the spammers who are taking advantage. This is compelling information that will hopefully get people's attention. We're talking about criminal behavior here,” Cranton added.
According to the lawsuit, around 50 per cent to 80 per cent of spam are sent using the zombie network route. The lawsuit has alleged violation of CAN-SPAM Act of 2004 by the defendants. Earlier in 2004, Microsoft had brought about a lawsuit against eight alleged spammers under the same legislation.
Besides the lawsuit, the company has also released guidelines for Windows users to prevent their home PCs from becoming a part of the zombie networks. These guidelines include installing updated security patches regularly from http://update.microsoft.com, using firewall software, using updated anti-virus and anti-spyware programs, and being careful about opening attachments or opening links in inboxes and instant messages.
Helping Microsoft its fight against spammers is the Federal Trade Commission (FTC). FTC's Bureau of Consumer Protection spokesman Dan Salsburg said, “The FTC is taking aggressive steps to stop zombies and protect consumers, but consumers also need to insure that zombies aren't on their computers.” He urged consumers to visit http://onguardonline.gov for regular updates and guidelines to secure their computers against Internet mischief-makers.
