The BBC’s technology programme Click wanted to do a report on how at risk modern PCs still are, but they didn’t expect to hijack nearly twenty-two thousand PCs.
Click used a readily available piece of software (which wasn’t named) to create the bot-net, which is basically just a network of computers, none of them aware of their function.
With just two email addresses, they set the bot-net to send each address 50 mails. Within an hour, over seven thousand emails had arrived with different subject lines, and according to the BBC, that’s not even working at full speed, just enough to keep under the radar of normal upload/download rates.
The email generator inside the infected machines has access to Google, where it can access some of the most popular searches and change the email subject line, allowing it to dodge past spam filters.
As a secondary test, the bot-net attempted a Distributed Denial of Service(DDos) against a friendly target that was expecting it, the security company Prevx. It only took 60 machines to overload the bandwidth.
Satisfied, and a little freaked out by the results, the makers of the program will show the full results on the BBC News service on Sat 14th March at 1130 GMT.
As an end result, the “infected” computers were removed from the bot-net and sent a message by the BBC telling them that their computer was insecure and how to fix it. No personal data was accessed on any of the infected computers.