In order to raise awareness about the various malicious bots looking to colonize your computer via the net, Symantec/Norton have whomped up a couple of downloadable cute malware papercraft bots for you to cut, fold and glue. Available are the Identity Theft Bot and the Extortion Bot. Link.
“Bot” is short for robot—but this isn’t your run-of-the-mill mechanical droid that speaks in bleeps and fixes everything. Quite the contrary. Bots are virtual, which is a problem from the get-go. You can’t beat a bot with heavy artillery or smart bombs. You have to beat them with brainpower–in the form of clever code designed by good people to protect PCs from the wrath of the bots.
Bots are everywhere, doing lots of things—most of them bad, and most of them on unsuspecting PCs. They’re deceptive little code critters created by cybercriminals to do their bidding. The cybercriminal sends one of these malevolent bots on a mission of malice: infiltrate someone else’s computer, server or Web site, and seize control. Once enough bots are deployed, and once enough computers are made into “zombies,” a “botnet” is formed.
And that’s where the real trouble begins. Botnets are virtual geysers of malfeasance, where personal and private information is no longer safe, money is extorted, and passwords, credit card numbers, even entire identities, are stolen on a regular basis.
Of course the bots aren’t the actual source of all the trouble. No, that dingy distinction is reserved for the criminals who program the bots. And they can be anywhere on the face of the planet, so long as there is Internet access (which is pretty much anywhere on the face of the planet).
The irony is that the criminals live in the real world (as far as we know), and yet they’re supremely hard to track down. It’s much, much easier to track a bot on an unprotected PC than it is to find the person who made the bot and sent it out onto the Internet to do his or her bidding in the first place.
And that bidding, as previously mentioned, is usually devious, counterproductive, and illegal. With a potentially limitless number of bots running roughshod over the Internet, stealing data, stopping service, sending spam, and creating fraudulent emails and Web sites—just to name a few of bots’ favorite hobbies—a mere human would have a very hard time tracking down all the bots in cyberspace. So the best option is to protect your own PC: stop the bots from getting into your machine in the first place. One way to help is Norton AntiBot. Another way to help is vigilance.
Bots are a big problem, and in order to beat them, we need your help. Have you come across any of these bots?
Denial of Service Bot, aka “DoS Bot”
A thug among thugs, DoS Bot wreaks his own distinct breed of havoc by launching denial-of-service attacks against target Web sites. Once an attack is launched and service is halted, sites conducting e-commerce can lose substantial amounts of business—thus the several instances in which unethical companies have hired DoS Bot to take down a competitor’s site. He’s known to carry a large shield and has often been seen playing goalie in both hockey and soccer.
Extortion Bot, aka “Bling Bot”
Bling Bot operates in much the same way as DoS Bot, with one key difference: he lets victims know about an impending denial-of-service attack before it happens. The cybercriminal controlling Bling Bot makes it clear when the attack will happen and how much it will cost the company in lost e-commerce. The rest is pure extortion: in order to avoid or stop the attack, the victim must pay an amount demanded by Bling Bot. He’s known to wear lots of bling, and is fond of fedoras.
Identity Theft Bot, aka “Bot Simpson”
Bot Simpson is a thief with a particular niche: your identity. A shape-shifter, a trickster, a master of disguise, Bot Simpson is never who you think he—or she, or it—is until it’s too late. After he breaks into an unsuspecting PC, he steals personal and private information—social security and credit card numbers, names, addresses, images, passwords—that will all be used to forge his next, new identity. Which could be yours. There is still no visual record of Bot Simpson.
Spambot, aka “Spam-a-bot,” “Canned Spam”
The juvenile delinquent of bots, Canned Spam exists solely to send spam. And though it might not seem like a major threat, Canned Spam’s dirty work can lead to serious system slow-downs, loss of memory, and total user irritation. He’s been spotted impersonating a high-speed copier and carrying a bottomless mailbag.
Fraud Bot, aka “Phishing Bot,” “Bot Water”
Phishers rely heavily on bots to enable fraud. Phishing Bot identifies potential victims, then sends fraudulent emails that appear to come from a legitimate organization—like the victim’s bank. Phishing Bot also hosts phony Web sites, which are used to steal people’s personal information. Phishing Bot is known to carry a tackle box, and has rarely been seen without a rod and reel.
It’s a war on Bots—are you ready to enlist? If you’ve encountered any of these bots, or know of anyone who has, please contact the network administrator.