New Service Alerts You to Zombies On Your Computer   - 1,322 Views,

Here’s Sophos’ information about the service:

Sophos ZombieAlert Service notifies companies about their spammer-controlled computers

New automated service identifies exploited and hijacked computers on business networks
Lynnfield, MA - Sophos, a global leader in network security, announces the availability of Sophos ZombieAlert™, a new alert service that identifies “zombie� computers on an organization’s network. Zombie computers are infected machines that give control to unauthorized and remote users, allowing them to send spam from the computer or to launch email-based Denial-of-Service (DoS) attacks against websites.

SophosLabs™, Sophos’s global network of virus and spam analysis centers, estimates more than 50 percent of all spam today originates from zombie computers. In May, the Sober-Q Trojan horse and Sober-N worm worked in tandem to infect and hijack computers around the world, programming them to spew out German nationalistic spam during an election. As spammers become more aggressive, collaborating with virus writers to create armies of zombie computers, legitimate organizations with hijacked computers are being identified as a source of spam. This not only harms the organization’s reputation, but can also cause the company’s email to be blocked by others.

ZombieAlert advises service subscribers when any computer on their network is found to have sent spam to Sophos’s extensive global network of spam traps, and provides rapid notification to customers if their Internet Protocol (IP) addresses are listed in public Domain Name Server Blackhole Lists (DNSBL). This information helps customers locate, disinfect, and protect these systems from future attacks.

“Aside from consumers, organizations such as educational institutions and government agencies are most at risk because they often have complex environments with remote and home users, which makes it far more challenging to provide effective security,� said Gregg Mastoras, senior security analyst at Sophos. “Our global network of threat analysis centers, provide around the clock visibility into new and emerging threats, including compromised computers. This alert service gives organizations the opportunity to remedy the situation and clean their systems.�

“Sophos is the first vendor we know of to offer an on-the-fly alert service that advises organizations that they are being used to host zombies,” said David Ferris of Ferris Research. “This service is unique and very timely. I would anticipate that competitors would soon follow suit.”

For Internet Service Providers (ISPs), the problem is equally as critical since consumers are largely targeted. This service enables ISPs to identify and alert consumers of the threat while providing the opportunity to recommend that end-users to practice safe computing habits.

“Our IT support staff spends a lot of effort and has good success protecting desktop systems and servers,â€? said Alan Pfeiffer-Traum, enterprise system administrator and electronic mail postmaster at the University of Houston. “It’s a real challenge to extend that protection to computers that faculty and students bring with them to campus every day, not to mention those that access the campus VPN. Despite our efforts, zombies happen. ZombieAlert is a very effective tool to catch those hijacked computers in the act. I especially appreciate that I don’t have to depend on received complaints to be alerted - I can say we detected the abuse through our own monitoring.â€?