PluggedIn: Hackers control PCs while users unaware
A few weeks ago Candace Locklear's office computer quietly started sending out dozens of instant messages with photos attached that were infected with malicious software.She was sitting at her desk, with no sign that the messaging software was active.
A few weeks ago Candace Locklear's office computer quietly started sending out dozens of instant messages with photos attached that were infected with malicious software.
She was sitting at her desk, with no sign that the messaging software was active. By the time she figured out what was going on, several friends and colleagues had opened the attachments and infected their computers. It took eight hours for a technician to clean up her computer. But because the malicious software worked so secretly, she's still not convinced that all's clear.
"I'd like to think that it's gone. But I just don't know," said Ms Locklear, 40, a publicist in San Francisco. "That's what is so frustrating."
Computer security experts estimate that tens of millions of personal computers are infected with malicious software like the one that attacked Ms Locklear's machine. Such programmes, generally classified as malware, attack companies along with consumers.
Some are key-loggers, recording every keystroke that the user enters - sending valuable bank account information, passwords and credit card numbers to hackers.
In July, hackers used key-logging software to gather passwords to databases at the US Department of Transportation, consulting firm Booz Allen, Hewlett-Packard Co and satellite network company Hughes Network Systems, according to British internet security software maker Prevx Inc.
Another malware program turn PCs into "zombies," giving hackers full control over the machine. The zombies can be instructed to act as servers, sending out tens of thousands of spam e-mails promoting counterfeit medications, luxury watches or penny stocks without the PC owner ever knowing about it.
The computer that controls the zombies - known as the command and control centre - is able to change the text of the spam depending on what his or her customer wants to sell.
Monster Worldwide Inc said last month that confidential contact information of millions of its job seekers was stolen by criminals who used zombies. Contact data for 146,000 job seekers using the official US government jobs website was also taken.
Monster said it would beef up its security, but even with enhanced protection there are no guarantees. Security experts say that while companies and consumers need to be vigilant to protect themselves against internet-borne threats, determined criminals are hard to beat.
She was sitting at her desk, with no sign that the messaging software was active. By the time she figured out what was going on, several friends and colleagues had opened the attachments and infected their computers. It took eight hours for a technician to clean up her computer. But because the malicious software worked so secretly, she's still not convinced that all's clear.
"I'd like to think that it's gone. But I just don't know," said Ms Locklear, 40, a publicist in San Francisco. "That's what is so frustrating."
Computer security experts estimate that tens of millions of personal computers are infected with malicious software like the one that attacked Ms Locklear's machine. Such programmes, generally classified as malware, attack companies along with consumers.
Some are key-loggers, recording every keystroke that the user enters - sending valuable bank account information, passwords and credit card numbers to hackers.
In July, hackers used key-logging software to gather passwords to databases at the US Department of Transportation, consulting firm Booz Allen, Hewlett-Packard Co and satellite network company Hughes Network Systems, according to British internet security software maker Prevx Inc.
Another malware program turn PCs into "zombies," giving hackers full control over the machine. The zombies can be instructed to act as servers, sending out tens of thousands of spam e-mails promoting counterfeit medications, luxury watches or penny stocks without the PC owner ever knowing about it.
The computer that controls the zombies - known as the command and control centre - is able to change the text of the spam depending on what his or her customer wants to sell.
Monster Worldwide Inc said last month that confidential contact information of millions of its job seekers was stolen by criminals who used zombies. Contact data for 146,000 job seekers using the official US government jobs website was also taken.
Monster said it would beef up its security, but even with enhanced protection there are no guarantees. Security experts say that while companies and consumers need to be vigilant to protect themselves against internet-borne threats, determined criminals are hard to beat.