A recent study by security vendor Prolexic Technologies has declared AOL to be king of the zombies, with its customers’ machines accounting for more infections than those of any other ISP.
As well as being a scary 1960s monster, a zombie is also a computer that has been infected with a daemon that puts it under the control of a malicious hacker – with the computer owner remaining blissfully unaware.
Zombie machines are often used by malicious hackers to launch Denial of Service (DoS) attacks, and Prolexic spent six months studying the data from real-world DoS attack attempts from hijacked machines.
Their findings put AOL right at the top of the Zombie league with 5.3 percent of all infections, followed by Deutsche Telekom in second place with 4.67 percent, and Wanadoo third with 3.27 percent.
Country by country, the good ol’ USA led the way, totting up a global market share of 18 percent of the total detected.
China lagged behind at 11.2 percent, with Germany on 9.6 percent, and the UK and France both with 5.1 percent.
If the figures are calculated on zombie numbers on a per capita basis, the most infected countries were – in descending order – Hong Kong, Germany, Malaysia, Hungary, and the U.K.
“It shouldn’t be a surprise to find that some of the most high profile Internet Service Providers are most susceptible to providing a safe haven for large numbers of Zombie PCs,” says Prolexic CTO Barrett Lyon. “It is these networks which are continually being exploited to support large scale DoS attacks.”
“Just because a home user subscribes to a reputable brand doesn’t mean they’re safe from the online criminal fraternity,” he says.
AOL was having none of it, saying that the suggestion that it is the most infected network on the Internet was “silly.”
In full-on PR schmooze mode, AOL spokesman Andrew Weinstein declared the numbers to be “great news” for the company, pointing out that the number of Zombies on its network is actually low in relation to the total number of its members.
“We’re the largest ISP, so we’re going to have the largest of everything,” he whooped.
“Even though we’re several times larger than the next largest ISP, the rates of infection for those next-largest ISPs are basically the same.”
Although Weinstein acknowledged that over 10 percent of the Zombie attacks came from AOL, he was quick to point out that the company accounts for roughly 40 percent – or 21.7 million – of US Internet subscribers, thus making AOL customers three to four times safer than the average user of another ISP.
“I think this report is kind of silly; it’s like saying the US is the most dangerous country to drive in because we have the most cars,” he added.
Although Prolexic are yet to comment on AOL’s response, the company has emphasised that its Zombie data was culled from attempted real-world attacks, and not sneaky “honeypots” designed to lure in Zombie hackers.
The company also noted that Zombie attackers now favour the brute force “full connection based flood” approach, using real IP addresses in such numbers that they might overload blacklisting systems.