This month’s Wired magazine has a fascinating article one of those things you hear about, perhaps worried about, but never really understood.Â Hey, I’ve worried about my own PC’s being zombies in disguiseÂ (hey, its Halloween — got to throw in a goulish reference some how) — yes, its a great look at bots.Â Those automated programs that sit silently on a PC, and are responsible, after an appropriate signal from “command and control”, for spam, click fraud, and all host of web evils.Â Amongst other things:
Bots can also monitor keystrokes to collect passwords and other sensitive data for identity theft and credit card fraud. In one 2005 case, bots spread spam purporting to contain pornographic attachments. When a recipient opened the file, it installed a keystroke logger that captured, among other things, LexisNexis credentials. Using that information, the hackers compromised 300,000 accounts.
A pretty eye-opening article on some recent history of bot attacks (on Six Apart, no less), the spammers who profit from them, and the stalwart few who are trying to do something about it.