X

Zombie army camped out on AOL, report says

Big ISPs are the top source of attacks by hijacked PCs, survey says. Not surprising, retorts AOL--we've got a lot of members.

Reuters
See full bio
2 min read
Internet "zombie" attacks that attempt to knock computer systems offline are more likely to come from users of America Online than any other source, according to a new report.

AOL and other large Internet service providers serve as launching pads for most denial of service attacks, according to a report released Tuesday by Prolexic Technologies, which helps companies fend off such attacks.

Other top sources of such attacks include T-Mobile's German-based service; Wanadoo, a French Internet provider; and Comcast.

Prolexic's chief technology officer, Barrett Lyon, said the report could indicate that some Internet providers don't protect their customers as much as EarthLink and other companies that don't show up on the list.

"Their clients may be exposed differently, or they may be doing a poor job of filtering certain things from their clients," Lyon said, referring to AOL and the other providers named in the report.

But such figures only show that AOL has a much larger user base than other Internet providers who account for nearly as many attacks, company spokesman Andrew Weinstein said.

"This survey is a huge victory for our members. If they're three-to-four times less likely to be compromised than their peers, that's not a bad thing," Weinstein said.

AOL provides antivirus, anti-spyware and firewall services for its members, and those who are compromised probably haven't updated their software recently, he said.

Zombie army
Denial-of-service attacks harness thousands of computers in a coordinated effort to knock Web sites or other computer systems offline through an unrelenting data blitz.

Early DoS attacks targeted the U.S. government or high-profile online vendors like eBay. Over the past year, criminals have used DoS attacks to extort payments from online gambling operations, banks and other businesses, or to attack competitors.

Cybercriminals use worms or viruses to secretly hijack unprotected computers to use in such attacks. Zombie networks also are used by spammers to cover their tracks.

DoS attacks are increasing in frequency from one or two a month to one or two a week as attackers constantly try different methods to take down their targets, Lyon said.

The U.S. Federal Trade Commission last month asked Internet providers to disconnect their customers' computers if they find they have been compromised. Law enforcers in 25 other countries are also taking efforts to shut down such zombie networks.

Though U.S.-based computers were responsible for the largest portion of DoS traffic at 18 percent, countries like Hong Kong, Germany, Malaysia and the United Kingdom had higher percentages of infected computers, Prolexic said.

Prolexic based its report on attacks it saw over the last six months.

Story Copyright © 2005 Reuters Limited. All rights reserved.