NEWS: More Than One Million Computers Hijacked By Hackers

Security researchers have found that over one million personal computers connected to the Internet have been hijacked by 'hackers' to aid them in attacking websites and creating viruses. The group of researchers undertook "The Honeynet Project" which set computers up as "honey pots' to attract hackers and gather data about how the hackers work. The Honeynet project created software to log all internet activity on the systems used and to watch what happened to the systems once they were put online. The longest time it took for automatic tools to 'sniff' the open systems was only a few minutes and the fastest was only a few seconds before the machines were compromised by hackers forcing the machines to log into such programs as IRC to await instructions.



Windows security holes were used by the hackers to compromise systems such as systems on broadband that are left constantly connected to the Internet. Hacker attempts such as DDos attacks were found to be used by the compromised systems in which data is constantly flooded to a server which effectively shuts it down from the overload to the system.

If you ask me, computers are becoming most hassle than their worth. I was discussing this with a few friends the other day. Now that the internet has become a living organism with millions of computer illiterate users, it has become the perfect breeding ground for programs/virus’s/worms which will eventually cause the whole thing to collapse.

Nowadays, you don’t need to do anything to be infected by works and hacked, it just happens. The Blaster32 worm was a perfect example. When it was in the wild, I had to format my friends computer and set it back up for him. The moment we put the internet on it… Blasted! ‘Your computer will shut down in 30 seconds’. Chronic. May of my friends who are not fortunate to be as computer literate of me, have up to 20 services running in the background of their computers, without them known, which are spyware, ad ware, worms, Trojans, all sorts. Their computers run like slugs, but they don’t know that, because they don’t know how well their computer is capable of running… it’s always running sluggish because of these programs.

Anyone on windows XP here, right click on your taskbar and to go task manager. Click on the processes tab. Arrange the services by username, then take a look at all the services that are running under the username your logged on as. When I have no programs open, i.e. when the computer starts, I have 5 processes. The bare essentials and nothing else (Windows ones, firewall, anti-virus, MSN). Many people have loads and loads there, and they don’t realise how potentially damaging they are to not just their computers, but other computers on the web.

Now with virus’s soon to come out on mobile phones (give it 6-12months), society will start to see how much of a mistake computers were. Oh, they do have their advantages, don’t get me wrong. But they’re stressing everyone out!

Its time to go back to basics.

It's an ongoing battle with viruses. Used to all you needed was good anti-virus software, now its not so easy. Adware, Malware, Etc is a real pain and I would say most people on the internet have no idea what it is or what to do about it. I must say though, I find it to be a pretty good challenge cleaning out a machine, and makes me feel all good inside when I succeed. Except it usually takes me 2 to 3 hours to get it done. I always update to SP2, run a virus scan, and then I run adware, spybot search and destroy, HiJackThis, I go in and start deleting files, I open up google to search, just to be sure the file I'm deleting isnt an innocent file. In the end I run Microsoft Anti-Spyware and turn on all its nice little realtime security features.

I had an old man ask me once, "Should I just start using linux?"..... If it were only that easy.

"Linux users dont have these problems do they?"

"Well no, but thats because not many people use linux... Have you ever used Linux?"

"No."

"You're probably better off staying with Windows"

He then went off and bought a new PC

Hmmm. All the hackers I've read about were arrested for hacking into the DOD, FBI etc and compromising security, or for stealing money or trying to.

....So who wants to shut down the Internet, and why? ...Doesn't seem to be something that thieves and terrorists might benefit from doing.

Not shutting down, the net is too pervasive for an intentional shutdown. It may crumble under it's own weight, because it was not built to handle the load it is getting nowadays and due to the amount of security holes in poorly constructed critical software we are seeing these types of attacks rampage across the net. The only way to stop it completely would be to close off(ie Make it into a "Gated" Community of sorts) the net and that would be a bad thing IMO.

Best thing is always education. I have never caught any adware or virusus, mostly because I am carefull. I have sensitive data that is protected by quite a few measures but top amoung them is Security through Obscurity. Most people use computers nowadays to download the latest album, TV show or Movie. They go to places like Kazaa and Limewire which is infested with Adware and opens up your comp to many many types of attacks. If people were educated in how dangerous .exe files really are then we wouldn't have millions of hijacked comps out there.

EDIT: To answer your question of who benefitts from a shutdown of the net, No one would benefitt it's become to ingrained in the economy. If the net was shut down say hello to the next depression.

[edit on 18-3-2005 by sardion2000]

A bizarre twist, something to think about

Hackers want our information and SO DOES THE GOVERNMENT

Think about that.

Well soficrow, I do not think this is related to terrorism in any way either. BUt, in modern times, are you aware of how much financial damage could be caused by the shutting down of the internet. Business efficiency is highly attributed to internet networking and communications.

But it is amazing just how easy taking over vast numbers of computers is, obviously I shall not go into it here. But I would say within 24hours it would be very easy to "take over" a couple of hundred computers with relatively little work. As for taking down the average website, well that is childs play.

The average family firewall and anti-virus software will do nothing to stop a determined attacker, but frankly the majority of users could be considered "net-illiterate" and no hacking is required at all.

Originally posted by dgtempe
A bizarre twist, something to think about

Hackers want our information and SO DOES THE GOVERNMENT

Think about that.

What makes people so paranoid about the government? The government does not want your information, they already have it if you are a legal citizen. What they are looking for is information that leads to the criminal element. They do not care about the average law abiding person, some just think they do because they are paranoid about government.

[edit on 3/18/2005 by shots]

Shots, if i'm paranoid i owe it all to the powers that be.

I've been reading that the government IS checking Internet users for possible "terrorism"
Am i worried? No. I have nothing to hide.

Do i want my information looked at? No. I consider my information private and personal and dont want to be looked at as a possible this or that.

Big brother is not only watching, they're reading too...

Picture a man with a dirty raincoat stalking you all over town, snaping pictures of you. Would you allow that?
I consider this to be the same thing.

If security is a concern, there are solutions. For corporations it's a question of budgeting but for the average home user worried about hackers, it's about how truely concerned they are about it. Those that are, do something about it and those that are not, bitch about it!

Computers are not the mistake, as someone mentioned, but rather the lack of understanding and the motivation by those that use them. You can talk about the problem or focus on a solution. And talk of the internet being shut down by the administration or anyone in a position to do so is just naive. The economy depends, largely in part, on the wolrdwide network.

Longtime PC and Mac user...zero hacks, zero viruses, zero trojans. Learn the machine or the machine will learn you!

Just my 2¢.


[edit on 18-3-2005 by antipigopolist]

This is exactly why I unplug my cable line after each session. Since cable connections are ALL THE TIME, they are especially attractive to such intrusion... Firewalls and other programs are out there, just that most aren't educated about using them...and are too lax in running routine maint programs such as ad-aware and spybot (and don't forget to update!)

Heres what i tell my customers on a daily basis...the internet is no longer an amusement park....its a humongous city and about 3/4 of that city is the bad bad side of town. now if u willingly go on the bad side of town and stand naked on the corner with some crack in ur hand, ur gonna get attacked, raped and/or killed. Same thing with your computers. If u willingly goto the bad side of town of the internet..ie.. game cracks sites/p2p softwares/porn/so-called free stuff(nothings free anymore on the net without a price, and that price is spyware and viruses)... then your computer WILL be compromised if u dont properly protect it and yourself.

98% of the pcs in my shop are from teens using kazaa/imesh/limewire/gnutella/sharebear. Once the parents get a handle on what and where their kids are surfing, it usually lays the kybosh on the spyware/virus problems after i clean it. The ones that let their kids do whatever they like, usually are back within a month or two for another cleaning. But as always...thats just one mans observation.

(nothings free anymore on the net without a price, and that price is spyware and viruses)

Well Open-Source software is free. More people should be educated about the real free alternatives.

Originally posted by dgtempe
I've been reading that the government IS checking Internet users for possible "terrorism"
Am i worried? No. I have nothing to hide.

Do i want my information looked at? No. I consider my information private and personal and dont want to be looked at as a possible this or that.

Big brother is not only watching, they're reading too...

Picture a man with a dirty raincoat stalking you all over town, snaping pictures of you. Would you allow that?
I consider this to be the same thing.

Well you sure sound paranoid to me. If you have nothing to worry about, why all the hub bub about big brother is watching your or even reading what you write?

Surely you are not suggesting they are reading information that is on your personal computer are you? In order to do that they would need a search order or didn't you know that?

As for reading what you write on message boards such as ATS, sure they might be reading it, so are hundreds of others. Keep in mind you did post the information all on your own ergo you made the information public. Why are you only worried about the government when others can read the very same info? Shouldn't you be equally worried about others as well?





[edit on 3/18/2005 by shots]

Well Open-Source software is free. More people should be educated about the real free alternatives.

Sardion, I was referring to the windows/IE environment of everyday surfers...and i agree with you. the more educated the masses become about alternative oses, browsers and software in general...the better they/we will all be.

Considering the number of computers connected to the internet at any given time, 1 million infected is a drop in the bucket. Considering Viruses can easily infect 10,000 computers, its not that hard to believe that a few well placed and properly coded virii could take over a million computers. Then theres the Win9x crowd that has yet to get with the program of XP/2k and are ripe picking for the most baisc of attacks.

As for keeping your computers secure, its not so much that its hard, its that people are often lazy or just dont care, as they have enough money to get it fixed, or have a friend/family member who will wipe and reinstall the machine at a moments notice. AntiVirus, a Firewall, and up to date patches on your computer improves its security by leaps and bounds from the average script kiddie who only knows how to use canned programs to wreak their havoc. Real Hackers that put effort and brains into their actions arent concerned with launching DoS attacks, and don't care about the home users, they want the juicy servers that host something of value or are high-visibility targets for defacement.

The only way these numbers can be dropped is to continually beat the idea of of being pro-active into users untill they can update their AV, FW and OS in their sleep or after consuming a gallon of stron liquer without even batting an eye. Even current college courses in general computer literacy fail to drive home just how necessary it is to keep your machines up to date, so its not wonder we have 1M machines under someone elses control at any given time, the users are slacking off; at some point its going to become a end users responsiblity for what happens via their compromised machine, then maybe they will figure out that its not something they can just shurg off anymore.

Surely you are not suggesting they are reading information that is on your personal computer are you? In order to do that they would need a search order or didn't you know that?

Forgive me if I spit my coke all over my keyboard on that one.......Supposedly they need a search order would be a better way of writing that one I think......

Originally posted by dgtempe

[.............]

I've been reading that the government IS checking Internet users for possible "terrorism"
Am i worried? No. I have nothing to hide.

last thursday i had an e-mail labeled in such a way that indicated
I was visiting a FBI 'sensitive' site, and I was being (warned 2 discontinue?)
- -> I did not open the message, i just deleted it

Just another one of the many reasons why Macintosh computers rock.

I've obviously never been hacked, or attempted to be hacked (god i love macintoshs) but I HAVE been a victim of a DDos attack on an IRC server. Highly illegal. And, the things is, the kid who did it, we all knew him. He pissed everyone off, and so people acted mean towards him, banning him and such. So he attacked.

It's that part that gets me. I can understand hacking for money, identity theft, to bring down a competiting business, but it's the seemingly 'little' events that confuse me. There's no reason to do it. I've never been able to compete with illogic. I don't think anyone has, you never count on people to be as stupid as they are.

first we have to deal with theives stealing our wallets, purses, money, even our identity now they have an even better way of doing it.