McAfee: Welcome to the United States of Zombie PCs

Summary: McAfee on Tuesday released its quarterly report on Internet security. The results?

By Larry Dignan for Between the Lines | May 5, 2009 -- 02:24 GMT (19:24 PDT)

Follow @ldignan

McAfee on Tuesday released its quarterly report on Internet security. The results? Cybercriminals have taken control of 12 million new IP addresses since January.

Add it up and the U.S. contributes 18 percent of the IP addresses controlled by botnets. These zombie PCs appear to be lining up to enable spammers to recover from the November 2008 dismantling of McColo Corp.

If you recall, McColo disappeared and spam levels fell 60 percent. That spam drop didn't last long, reckons McAfee.

A few select charts from the report:

Here's a census of percentage of zombie machines controlled by spammers by country and IP:

And the spam production by country:

And Conficker fears are overblown relative to AutoRun vulnerabilities:

Topic: Hardware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

51 comments

Log in or register to join the discussion

Wouldn't it be best to inform people

If they have zombie PC's in their homes? I mean, it isn't like the ISP's couldn't see that "Hey, this data is shooting to a known zombie PC site.... let's inform the person who uses this IP of that!"

Lerianis
5 May, 2009 03:50

Reply Vote
- OpenDNS
  
  If you use OpenDNS for your DNS resolution, they do do this. It helps but staying ahead of it is tough because of fastflux.
  
  rjacksix
  5 May, 2009 07:40
  
  Reply Vote
  - Only if the botnet is.....
    
    Using DNS to stay dynamic such as conficker did. Opendns would not be the end all for this stuff, though I use it and like the service a whole lot.
    
    OhTheHumanity
    5 May, 2009 08:12
    
    Reply Vote
    - question:
      
      .. has anyone written an small app to analyse and display on your screen what is going on out your ethernet/Wifi/whatever port ? Most people probably don't know what the heck is going out other than an icon in the toolbar to show activity... would be good to have a PAUSE button on it to stall the interface as well
      
      muzza2005
      5 May, 2009 09:36
      
      Reply Vote
  - That doesn't stop them
    
    Unless you know your network settings then yes. But most people don't have the skill to know to look for this and change this but if we show them step by step slowly they should able to do this.
    
    phatkat
    5 May, 2009 12:02
    
    Reply Vote
- Better yet
  
  Why don't they block it from moving the data? The network can identify what kind of packets are being transmitted, especially at odd hours of the night. I am curious to think how many of these infected machines are business machines versus home PCs. A true anti-virus program should use worms, malware, and virus to fit against those trying to use them. It should attack the IP that is controlling the botnets.
  
  MadWhiteHatter
  5 May, 2009 10:12
  
  Reply Vote
- Yes, but how.
  
  If you send them a email the bot controller will see it and delete that message. Maybe via the phone is only way without having the PC involved.
  
  phatkat
  5 May, 2009 12:04
  
  Reply Vote
Botnet by McAfee(tm)

Really nice, McAfee. You are both the causer and reporter of botnet statistics! http://www.readwriteweb.com/archives/mcafee_enabling_malware_distribution_and_fraud.php

I dare you to keep this PLAIN AS DAY truth up!

jmanico
5 May, 2009 04:11

Reply Vote
How Many are Macs?

Or are they all windows PCs?

Eriamjh
5 May, 2009 04:29

Reply Vote
- the can't be windows machines, cause windows is the most secure on planet
  
  nt
  
  brokndodge@...
  5 May, 2009 05:29
  
  Reply Vote
  - Almost....According to IBM.
    
    Most Vulnerable Operating Systems
    X-Force tracks vulnerabilities by platform and has produced metrics this year to show the operating systems with the most disclosed vulnerabilities. The
    following chart shows the operating systems with the most vulnerabilities
    documented in 2008. The top ten operating systems account for nearly 75% of
    all vulnerability disclosures affecting operating systems.
    Operating System Percentage
    Apple Mac OS X Server 14.3%
    Apple Mac OS X 14.3%
    Linux Kernel 10.9%
    Sun Solaris 7.3%
    Microsoft Windows XP 5.5%
    Microsoft Windows 2003 Server 5.2%
    Microsoft Windows Vista 5.1%
    Microsoft Windows 2000 4.8%
    Microsoft Windows 2008 4.1%
    IBM AIX 3.7%
    Others 24.9%
    
    Table 7: Operating Systems with the Most Vulnerability Disclosures, 2008
    Several operat ing sys tems have remained in the top five list over the past three years :
    ? Apple Mac OSX
    ? Apple Mac OSX Server
    ? Linux Kernel
    ? Microsoft Windows XP (with one exception in 2007)
    
    OhTheHumanity
    5 May, 2009 08:15
    
    Reply Vote
    - I thought we were talking about Bot Nets
      
      Pardon me, I thought we were talking about Bot Nets? You know, someone opens an email without current Anti-Virus installed and something silently installs on his computer without him knowing anything about it or having to agree to install it.
      
      So given those parameters, I will ask again, HOW MANY MACS ARE INFECTED?
      
      But of course you know as well as everyone else what that answer is. You just cannot bring yourself to actually say the answer. The answer, unless someone can correct me, is zero.
      
      slylabs13
      5 May, 2009 11:59
      
      Reply Vote
      - The answer is most definitely not zero
        
        http://www.networkworld.com/news/2009/041709-first-mac-os-x-botnet.html
        
        This is only the first publicly announced botnet. With the limited power than an OS X user can have, I am sure the user cannot even begin to know if someone else is running a low-level process in the background. I'd like to add, if I wanted the power of a good botnet to do my bidding, I would go with machines that had power to begin with, which is why I would go for Microsoft machines. If you were to steal a car to use for illegal drug runs, would you pick the corvette or the chevette?
        
        MadWhiteHatter
        5 May, 2009 13:11
        
        Reply Vote
      - Mac users ARE Zombies
        
        I just can't help but point out the atrocious,
        stubborn ignorance of die hard Mac/OSX fans.
        It reminds me of the Flat Earth Society.
        They're going to hold out and stick to their
        beliefs about the safety of MAC/OSX platform
        until the bitter end.
        
        The gist of the debate is this: "Zombies only
        go after large targets. Mac/OSX is a puny and
        insignificant target, so even though there are
        a plethora of vulnerabilities we are safe for
        now."
        
        Gosh, if I were a virus writer I would be
        licking my chops at the prospect of writing
        viral code for these hapless dodo birds...
        
        Compute_This
        5 May, 2009 13:20
        
        Reply Vote
      - And the average PC user?
        
        Ever seen some of the folks buying PC's? Bubba & Emy Lu
        buying a computer for Junior, now that he finally made it to
        high school.
        
        The huge reduction in costs in the computer is dependent on
        economies of scale and the non-tech folks are one of the
        critical markets that drive up sales volume. WIthout them you'd
        be paying a lot more for your computers.
        
        Watch the big boxes that sells PCs or remember the "Dude,
        You're Getting a Dell" commercial - not really the focus on the
        tech market.
        
        But probably the best example of the non-tech section of the
        PC market was Dell moving their support for this group to a
        third party company in India - even if they paid for an
        extended warranty they lost their Dell employee for support.
        Guess Dell thought their individual customers were too dumb
        to know the difference.
        
        Ken_z
        6 May, 2009 10:29
        
        Reply Vote
      - correction
        
        Ill correct you. Maybe you should go read about most vulnerable operating systems. Mac's are not at all without exploits. Where is your proof that no virus runs on a mac platform? because you know that MAC OS is just a copy and paste of linux and bsd right? so anything running on linux and/or bsd can be modified to run on mac easily. And there are viruses for linux. People who use mac computers are normally people who don't know about computers. Their operating systems are way more vulnerable than Windows or Linux PCs. You just pay more for lies and false senses of security.
        
        Jimster480
        6 May, 2009 06:54
        
        Reply Vote
    - Windows percentage
      
      So the way I read it, all Windows OS's taken together account for 24.7% of all vulnerability disclosures. OS X accounts for 28.6%. All Linux OS's combined account for only 10.9% of disclosures.
      
      cburkitt2
      6 May, 2009 06:52
      
      Reply Vote
      - I guess....
        
        If you want to look at it that way, but I don't recommend trying to run all the OS's at once on the same partition. Could get ugly and will not work. Give it a whirl and let us know.
        
        OhTheHumanity
        6 May, 2009 09:17
        
        Reply Vote
  - nub
    
    nt nub
    
    Jimster480
    6 May, 2009 07:01
    
    Reply Vote
- Most Secure....
  
  You forgot to put the screen full of 4pt legal disclaimers that go along with that statement (I love Apple commercials, and no I'm NOT a fanatic!)
  
  rjacksix
  5 May, 2009 07:48
  
  Reply Vote