Major botnet building and the massive jump in spam



For a few months (since the demise of Blue Frog, really) I’ve noticed that the level of spam has gone up on my own mail server. Yes, I can use SpamAssassin to filter and tag, but the volume of material that has been flagged has gone up (as well as the volume that slips through). I’ve had to flush out the Bayes filter more than I would like after some massive Bayes poisoning attempts (those messages with lots of random words or text). I’ve also been following news on the topic and thought I’d detail some of it here for those that haven’t been paying attention.


First of all, almost all spam doesn’t really come from the address listed as “FROM”. I am constantly amazed at how many people are trying to “block sender” in Outlook Express and thinking that will make a difference. It won’t; it will either blacklist innocent bystanders or you will have a long and useless list of “disposable” addresses that spammers sent from. Now, I say disposable addresses; that isn’t to imply that the spammer had to do ANYTHING to register or set up an address. It just means that, say, if a spammer targets this domain as the “FROM” source, they will make up thousands of randomized addresses from averyjparker.com, and they can send it without even using averyjparker.com’s server to relay the messages. In fact, they likely come from a botnet of thousands of home PCs around the world. But, in the scenario I describe above, averyjparker.com would receive the bounces or backscatter of the spam attack. That is, delivery failures, complaints, people asking to unsubscribe, etc. All to a third party uninvolved in the spamming. Not a bad racket for the spammer if you think about it.
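As an added illustration (not part of the original post), here is one way the operator of a forged domain can separate the backscatter described above from genuine bounces: check whether the bounced message carries a Message-ID the server actually issued. The domain `example.org`, the `SENT_IDS` log and the sample bounce are all constructed assumptions.

```python
import email
from email import policy
from email.utils import parseaddr

OUR_DOMAIN = "example.org"  # assumption: the domain the spammer forges
SENT_IDS = {"<20061101.0001@mail.example.org>"}  # assumption: IDs our server logged as sent

# Constructed bounce (DSN) for a spam message our server never sent.
BOUNCE = """\
From: MAILER-DAEMON@mx.recipient.example
To: qzxv8812@example.org
Subject: Undelivered Mail Returned to Sender
Content-Type: multipart/report; report-type=delivery-status; boundary="b1"

--b1
Content-Type: message/delivery-status

Reporting-MTA: dns; mx.recipient.example

Final-Recipient: rfc822; nobody@recipient.example
Action: failed
Status: 5.1.1

--b1
Content-Type: message/rfc822

From: qzxv8812@example.org
Subject: hot stock tip
Message-ID: <abc123@dsl-host.example.net>

buy now

--b1--
"""

def classify_bounce(raw, our_domain=OUR_DOMAIN, sent_ids=SENT_IDS):
    """Backscatter = returned mail claims our domain but has an ID we never issued."""
    msg = email.message_from_string(raw, policy=policy.default)
    if msg.get_content_type() != "multipart/report":
        return "not-a-dsn"
    for part in msg.walk():
        if part.get_content_type() == "message/rfc822":
            original = part.get_payload(0)  # the returned (bounced) message
            sender = parseaddr(str(original["From"] or ""))[1].lower()
            msg_id = str(original["Message-ID"] or "").strip()
            if sender.endswith("@" + our_domain) and msg_id not in sent_ids:
                return "backscatter"
            return "genuine-bounce"
    return "no-original"
```

Bounces that do not attach the original message come back as `no-original` and need a different signal to classify.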

So, what’s the goal with spam? Probably money. Let’s face it, I see a lot of stock spam. I’d be willing to bet the sender bought up quite a bit before clicking send and will sell quite a bit within 2 or so days after the stock spam. Just think of the effect if you were to buy 1000 shares of something at $1 and then were to go on national media talking up the prospects of this company; within a day, let’s say the stock has gone up to $2 and you sell, with a nice profit. The “pump and dump” stock spam works the same way.

But there’s product spam too, and apparently that sells enough to be worthwhile (maybe if it’s JUST advertising revenue in clicks on ads). Of course there are also the spam filter poisoning runs, which are meant to just make junk filters less effective and let more of the junk through. On the other end of the equation are the botnets. Home PCs, maybe yours or your neighbor’s PC. You don’t notice anything wrong, but while it’s online it’s part of a larger network and takes part in all sorts of activities you wouldn’t like. It’s possibly sending Viagra spam, or maybe it’s hosting a porn site with illegal content, or maybe pirated software? It could be taking part in other activities as well and you possibly wouldn’t notice much of anything. The viruses of the late 90s were obvious and brash and got big headlines. They spread big and quickly, making an OBVIOUS impact on computers’ performance.

The viruses of today are much more subtle. Not too long ago I had someone say, “well there haven’t been any viruses lately”. I couldn’t help but look at them as though they stepped out of another time… Well, there haven’t been any in the major NEWS lately, but last I knew there were around 100 or so a month released, more or less. One antivirus scanner I have updates itself as many as 10-12 times per day, and it’s not updating because it’s fun, it’s updating to keep up with new threats as they emerge. They are more subtle these days though. I saw a warning this morning… of a new trick in the bad guys’ bag; actually it’s a variation on a theme. It runs like this: an unsuspecting person gets an email about an order they have supposedly placed online. If they want to see details, click the following link… (trojan quietly installs.) Or… they get an email with a “pdf” attachment that has details of the transaction they’ve just supposedly completed. Again, the pdf has a trojan. But, you might say, wouldn’t people avoid clicking on that if they hadn’t purchased something? These days, don’t you think if someone saw an unauthorized purchase confirmation they WOULD click to investigate? Yes, they’re tricky, huh?

As for subtle. I’ve seen systems that were infested with trojan horses of various kinds and gave no real noticeable indication. I don’t know whether to give credit to Microsoft for a more stable Windows XP, or to virus writers for more stable virus/backdoor applications. Another of the things that always gets me is how clueless some people are about how a virus can operate. When I tell someone that their system has had a trojan and among other things all their online logins (read credit card numbers/logins/etc.) could have been logged, it could have been sending out tons of spam (thousands of messages an hour), or hosting illegal content, etc… many times I’m met with “well, I haven’t noticed more mail going out than what I’ve sent.” “See, you can check my sent items…” Uhm… (the next explanation is the hard part.) Most viruses don’t use Outlook Express to send out spam; a virus has its own engine for sending out messages if that’s its role. The other one that gets me is “no one has logged on to my machine because I haven’t seen the pointer moving/programs opening.” Ummm… it’s possible to be logged in remotely without things turning up on the local display.

Anyway, as I’ve said before, we’re in a war of sorts between the security industry and the botnet builders/spammers/etc. Right now, I don’t think we’re winning. Here’s why… significant rise in botnet activity behind surge in spam, massive surge in spam hits the internet, Why so little attention to botnets? This last article asks why there is so little coverage of the problem of botnets among non-experts, and I think the answer is this… it’s too abstract a concept for most computer users to relate to. To most users there is nothing wrong with their PC unless it’s sending an error message or acting slower or less stable than they’re used to. In fact, there’s a perception threshold there as well. (If it normally takes 3 seconds to open a browser window, will the user notice a 3.2 second open of a browser window? Likely not.) Here is more on the reports of increased numbers of infected systems, more on the link to spam.

I remember one of my posts on the old version of this site talked about the convergence of viruses and spam, and at the time I was one of the ONLY people mentioning and highlighting this link. These days the awareness is higher, but it is STILL NOT common, conventional wisdom amongst the general population. I think what we need is a very large urge to personal responsibility and a push to encourage individuals to ensure that 1) they are running current antivirus on their PCs and keep it updated, and 2) help 2 or three other computer users make sure that they as well have current antivirus and can keep it updated.

We will NOT win this struggle without millions of people taking responsibility for computers under their control. I don’t care if you install Norton, McAfee, or what (AVG is free for home/personal use: http://free.grisoft.com). I recommend AVG quite a bit because it IS free for home users. There are a few other free for home/personal use antivirus packages out there, but please help in this struggle against the botnets and spammers.
