The Attack of the Zombie Viruses

“People are preparing for a Zombie Apocalypse,” warned Kevin R. Smith, PC and Mac computer anti-virus reviews expert in the states, “but what they don’t realize is it is already here, with the new wave of computer viruses.” It is said that these computer viruses constantly look for new “victims” to infect, spreading to other computers through shared files, email attachments, and even mere visits to an infected website.

Some have even called these viruses “worms.”

“Most of those worms are self-replicating and self-spreading – which is a big reason why they continue to spread as rapidly as they do,” according to Candid Wueest, one of the principal threat researchers at Symantec, who has hunted computer viruses for years.

According to Wueest, the viruses are spread by a malicious program that infects a computer. The program then executes what is called “a routine,” which looks for other networks on the internet that are most vulnerable to infection.

When it finds one, a copy is installed on that computer, and it continues a scan from that computer, finding other vulnerable machines, and the cycle continues.

“All it takes is a few computers to get them spreading around again,” he added.

The Living Dead? More Like The Living Dud

One “zombie virus” called Conficker is among the most active computer viruses ever tracked. It first struck in November 2008. At its peak, the worm was able to infect up to 15 million Windows PCs.

Conficker targeted the Microsoft Windows XP operating system (good news for Mac users), and it wasn’t just individuals and businesses it was after. Surprisingly, the French navy, Greater Manchester Police, and even UK warships were hit with the virus.

Also called “malware,” it was one of the most crippling viruses on record, which prompted Microsoft to put up a bounty of $250,000 (£193,000) for any information leading to the capture and arrest of Conficker’s creators.

Unfortunately, the bounty is still available, as there has been no claim, and the ones who created it are still at large.

Dr. Paul Vixie, an expert with Farsight Security, was one of the leading members of the Conficker Working Group, set up when the malware (zombie virus) was at its destructive peak.

Statistics gathered by Symantec suggest there were an incredible 1.2 million Conficker infections in 2016 and 840,000 in 2017. 2018 numbers aren’t in yet.

The country that suffered the largest number of infections? India.

The good news was that Conficker had never been “weaponized”, said Dr. Vixie.

His theory? Conficker spread too rapidly and infected more computers than imagined, and the creators of the virus were not able to make it more malicious.

Bring The Data of the Dead

But Conficker was not alone in persisting long after its initial outburst, said Mr. Wueest, from Symantec.

Symantec regularly monitors the SillyFDC virus from back in 2007, the Virut virus from 2006 and even a severe file infector named Sality from 2003.

“We do see Dos viruses now and then,” he said. The disk operating system (Dos) is more than 36 years old and dates from the early days of the desktop PC. Even older versions ran on mainframes.

Many viruses live on because of the way the cyber-crime underground handles well-thought-out, well-executed code.

“Malware is rarely static,” he said, “computer code from older malware families can be shared, or stolen, and used in the development of new malware.”

Lee pointed to the Zeus banking Trojan, as an example. The virus’ source code was leaked back in 2011, and they still see it “out in the wild.”

There doesn’t seem to be an end in sight for the zombie viruses, because of their wide range of success in infecting machines.

Mirai first appeared in 2016 but is proving hard to eradicate.

“It has features suggesting that it will be exceptionally long-lived,” Mr. Lee said.

The bug infects networked devices, which, surprisingly, are not running anti-virus software. Why? Some systems cannot be upgraded to run any decent protection, according to Lee.

“With the source code of the malware leaked, and a simple method of propagation using default usernames and passwords to compromise devices, it is something that will be with us for years,” Mr. Lee said.