AOL branded most infected network
ISP accused of hosting more zombie PCs than any other network
Analysis from IT security consulting firm Prolexic claims that AOL's network hosts more zombie-infected PCs than any other in the world. Infected machines can be used by remote hackers to instigate distributed denial of service (DoS) attacks.
From a European perspective the study also criticised Deutsche Telekom, Wanadoo and AOL as being Europe's top three offenders for harbouring infected PCs.
Barrett Lyon, chief technology officer at Prolexic, said: "It should not be a surprise to find that some of the most high profile ISPs are most susceptible to providing a safe haven for large numbers of zombie PCs.
"It is these networks which are continually being exploited to support large scale DoS attacks. Just because a home user subscribes to a reputable brand does not mean that they are safe from the online criminal fraternity."
Distributed DoS attacks are co-ordinated by criminals who place malicious viruses onto the computers of unsuspecting broadband users.
When the attack is triggered, the infected computers can be used simultaneously to flood a network with fake packets, preventing legitimate traffic from accessing a system.
The report also highlighted a significant change in the way that distributed DoS attacks are being coordinated. It claimed that attacks are now focusing less on Layer-3 TCP and have shifted to exploit the weakness of distributed DoS mitigation devices.
The primary attack of choice in the first half of 2005 is described as an "advanced full connection based flood".
Although this particular attack exposes the real IP address of the attacking zombie, the sheer number of IP addresses that must be blacklisted to successfully defend against the attack places an overwhelming load on the mitigation hardware.