Description: The zombie attack is a type of cyber attack in which compromised systems, known as ‘zombies’, are used to launch attacks on other systems. These zombies are typically devices that have been infected with malware, allowing an attacker to control them remotely. The main characteristic of this type of attack is its ability to utilize multiple devices simultaneously, amplifying the attack’s power and making detection more difficult. Zombie attacks are commonly associated with distributed denial-of-service (DDoS) attacks, where a network of compromised devices is used to flood a target server or network with malicious traffic, causing it to become inoperable. The relevance of zombie attacks lies in their ability to exploit vulnerabilities in unprotected systems, highlighting the importance of keeping security systems updated and conducting vulnerability audits regularly. Additionally, these attacks can have devastating consequences for organizations, including data loss, reputational damage, and significant financial costs.
History: The term ‘zombie attack’ began to gain popularity in the 1990s when the first computer worms and viruses started to infect computers and allow remote control by attackers. One of the most significant events was the ‘Mafiaboy’ attack in 2000, which used a network of compromised computers to carry out DDoS attacks. Over the years, the evolution of technology and the increase in Internet-connected devices have facilitated the creation of larger and more sophisticated zombie networks, known as botnets.
Uses: Zombie attacks are primarily used to carry out DDoS attacks, where a large number of compromised devices are used to overwhelm a target server or network. They can also be used to steal sensitive information, conduct online fraud, or distribute spam. The botnets formed by zombie devices can be rented out by attackers to other cybercriminals, making these attacks a form of business in the cybercrime world.
Examples: A notable example of a zombie attack is the Mirai DDoS attack in 2016, which used a botnet of compromised IoT devices to attack several online services, including Dyn, resulting in the disruption of many popular websites. Another case is the DDoS attack against GitHub in 2018, which reached traffic of 1.35 Tbps, using a network of infected devices to carry out the attack.
