Monday, June 18, 2007

BBC story on FBI "recall" of infected home computers

BBC News (from the British Broadcasting Company) is planning to contact up to one million home or small business personal computer owners whose computers have been hijacked and turned into “zombies” for sending spam, or possibly for participating in denial of service attacks against visible controversial targets, or as conduits for steganography. The exercise is called “Operation Bot Roast.”

One high profile spammer, Robert Alan Soloway, has been arrested during this investigation and could face 65 years in prison.

Among the labs that can scan the Internet to look for infected “botnet” machines are F Secure, Trend Micro, and Kaspersky Labs.

McAfee has recently offered its subscribers a Site Advisor service, where it scams sites for known problems that could compromise a home computer’s security or lead to unwanted emails.

Some problems that sites have, however, come from legitimate software bugs and not malware. For example, for a while Microsoft Word (the 2002 version) would sometimes insert or propagate extraneous and erroneous links into webpages that it converted to HTML, because of a bug in the way its XSL translator applied the span keyword. The resulting page would appear to misdirect users when clicking on links (that could appear hidden under text not intended to be linked), which normally a sign of a malware website. Microsoft now only supports later versions of Word.

An infected machine, when traced, will show that an inappropriate modem really was sent from the IP address associated with the machine, which is not the case when the sender-id in an email is spoofed.

As far as I know, so far owners of infected machines have not been prosecuted for violations of law that occur when their infections result from hackers, malware, visiting infected sites, or viruses. But it would seem logical that the possibility would exist, or that in the future prosecutors might want to treat certain things as strict liability offenses.

Parents have been prosecuted for illegal activity of their kids, and when a family computer can be used by unknown visitors to a house, there is a risk of additional security problems and conceivably erroneous arrests and prosecutions, since IP addresses can be traced. Similar concerns occur in the workplace. See the previous story on the apparently wrongful conviction of a substitute teacher.

The BBC story is here.
AOL featured the story today on its home page as a warning to home users that a knock on the door could come from the fibbies.

No comments: