Zombie alert

In an attempt to capitalize on Halloween, Microsoft and a coalition of consumer groups have gotten together to warn consumers about online fraud done through malicious programs that secretly install code on a computer, turning it into a so-called zombie machine controlled by hackers.
Computer criminals often use zombie computers to launch spam e-mail attacks that try to steal personal information, such as Social Security and credit card numbers, said Tim Cranton, director of Microsoft’s Internet Safety Enforcement programs.
To prove how vulnerable most users are to these incidents, Microsoft rigged up a test computer with a zombie program gathered as evidence in a real attack, and then watched to see what it would do when connected to the Internet.
Immediately, the infected computer sent an alert with its Internet location and hijack status to a distant server. Then, connection requests from hundreds of other addresses poured into the machine, commanding the computer to distribute millions of illegal spam e-mails.
Microsoft had it rigged so the zombie machine wouldn’t comply, but the experiment showed how powerful attacks can be.