Jack Writes: The rate at which personal computers are being hijacked by hackers rocketed in the first half of 2004, reveals a new report. An average of 30,000 computers per day were turned into enslaved “zombies”, compared with just 2000 per day in 2003.
US computer security company Symantec says efforts to build so-called "botnets" - networks of zombies used to launch attacks on corporate websites or as anonymous relays for sending out spam - from hacked computers have intensified dramatically in recent months. The company's latest biannual report shows that recruitment of "zombie" machines peaked at 75,000 computers per day.
Jeremy Ward, service development manager at Symantec, says virus writers can make good money by selling botnets to online extortionists and spammers.
"What we're seeing now is malware, or malicious software, that is truly professional," Ward told New Scientist. "You have the ability to set up botnets for a number of money-making schemes."
The Symantec report is based on information gathered from 20,000 network sensors based in 180 countries around the world. They also collected information from anti-virus software installed on desktop machines and corporate networks.
The study shows that overall virus activity increased between January and June 2004. In all, 4496 Windows computer viruses were released during this time - a fourfold increase on the same period the previous year.
Enlistment of zombie machines reached an all-time high during a turf war between two virus-writing groups in the first few months of 2004. Those behind the worms MyDoom and Bagle fought against the creator of the Netsky virus for ownership of the infected computers.
During this feud, a version of Netsky was released which was designed to deactivate the Bagle and MyDoom viruses within infected computers.
Richard Archdeacon, director of technical services at Symantec, adds that virus writers have developed new programming tricks to thwart current anti-virus scanning technology.
Anti-virus scanners examine the contents of files for pieces of data that match those of a known threat. Many viruses, for example, insert themselves at the beginning or end of code for a legitimate programme.
But recent strains of virus have made scanning more difficult. A virus called Impanate, for example, buries portions of its code in an unexpected region of a software file.
Another virus, known as Gastropod, rewrites its own code entirely between replications to complicate detection. Spotting these viruses requires considerably more computing power, draining system resources.
"These advanced infection mechanisms may render many traditional antivirus scanning techniques ineffective," Archdeacon says.
But law enforcers have also made progress. On 9 September, an 18-year-old German programmer was charged with creating Netsky and another worm, Sasser.