Honeypot PC Attacked Over 50 Times Per Day

A BBC News website study created  a ‘honeypot ‘ PC, which pretends to be a normal PC, but records offensive actions or attacks by hackers. A ‘honeypot’ computer recorded attacks everytime it was attacked, and in the worst night recorded the following:

One hijack attempt occurred when the PC experienced a buffer overflow attempt to subvert the web server built into Microsoft Windows. A successful attack would hand over control of the machine to a hacker.

Two “port scans” occurred, which look for weak spots in Windows software – a sign of scouting by hackers seeking new victims.

Eleven attacks by the ‘Blaster’ worm occurred … success would have rendered the machine unusable

Three attacks by the ‘Slammer’ worm occurred …  success would have left machine crippled and prone to crashing

Thirty-six fake security announcements/adverts for fake security software posing as warnings popped up. Human reaction to these could leave a PC clogged with spyware. The ‘honypot’ clicked on the fake dialogue box intentionally. An image that looks like a Windows dialogue box appeared, so clicking anywhere on it, even the “cancel” button, caused downloads of harmful software. The installation put new toolbars on the IE browser, a list unwanted favorites (bookmarks). All web searches were hijacked and redirected while pop-up advertisements populated the desktop. The harmful software rendered the computer impossible. Any files stored on the computer would be impossible to recover.

During the whole BBC experiement, at least one attack an hour came from a dangerous computer bug with the ability to cripple an unprotected PC.

According to Symantec, 86 per cent of all targeted attacks on computers are aimed at home users. There are an estimated 200,000 malicious programs in existence.

SOURCES:
BBC
Symantec