Tag: botnet

  • Huge Spam Operation Shut Down Thanks to TheSecurityFix

    Thank you, Brian Krebs of the Security Fix. He has just made the internet a little better place. He’s worked for several months investigating a group that is believed to have been the hosting provider for up to 75% of the Internet’s junk email as well as child porn websites, rogue anti-virus software and who knows what other slime. Great work, Brian. He essentially contacted the service providers of the group in question and presented them with the evidence that he and others uncovered.

    (more…)

  • Spam storm

    Wow… just took a glance at the error_logs and saw numerous errors from Trackbacks and started browsing to find that the last few days we’ve been weathering a spam storm. Thanks to Akismet and another tool I’ve only had maybe 2 comments stuck in moderation that were spammy, but several thousand have made it to Akismet (and if I recall, my OTHER filter catches 90% of the spammy stuff before Akismet sees it…) So, I hope someone’s having fun…. Realistically they seem to be coming from a variety of machines, likely a botnet. I saw one machine belonged to a netblock owned by the state of Ohio for public schools. There was another residential broadband in Texas… etc. etc. etc. So, surprise, there are still botnets in the wild and being used for spam.

  • Major botnet building and the massive jump in spam

    For a few months now (since the demise of Blue Frog, actually) I’ve noticed that the level of junk mail has gone up on my own mail server. Yes, I use SpamAssassin to filter and tag, but the volume of stuff that’s tagged has gone up (as well as the volume that slips through.) I’ve had to flush out the Bayes filter more than I would like after some massive Bayes poisoning attempts (those messages with lots of random words or text.) I’ve also been following news on the topic and thought I’d detail some of it here for those that haven’t been paying attention.

    (more…)

  • Run a botnet go to jail

    It’s really good to see one chalked up against a botnet operator. Friday, a former botnet operator was sentenced to 37 months in prison for breaking into hundreds of thousands of computers. There NEED to be more stories like this. Unfortunately though, with a possible benefit of making $6,000-10,000 per month being a botnet herder…. and only 2 high-profile arrests and convictions, I don’t know if this will discourage ENOUGH people from this kind of activity.

    (more…)

  • MS06-040 update

    MS06-040 is one of last week’s Windows updates and is the one that was probably the biggest target for “wormable” activity. There’s a good deal of news from over the weekend with regard to this. First: Snort signatures, the MS06-040 exploit was spotted actively “in the wild”, and of course, our perennial friends in the spamming world didn’t waste much time in making use of this one.

    (more…)

  • Anonymized Botnet?

    SANS has a story on botnet traffic spotted coming from the TOR network. Now, I had to refresh my memory on what TOR is, but it’s an anonymizing network: essentially, a computer running TOR would collect a list of TOR client machines on the internet, and then connections to other PCs are routed through encrypted connections through several different PCs, which masks the origination of the data request. Of course, this doesn’t mean that botnets are actively making use of TOR; it could just be an inadvertent…. “route all my traffic through TOR” computer got a bug….

    (more…)

  • The Great Cyberwar

    It went unnoticed by most people for a few years. After all, the ones that were affected were just those that were “asking for it”. Where to start? Let’s see, back in the day there were some that sent out messages to other people’s computers, and even when people tried to stop getting the messages they kept coming, so a few sites decided that if they could “blacklist” the places that these messages were coming from, they could help people deal with the mass of messages. So they did, and the people sending the unwanted messages were a bit frustrated and improved their distribution a bit, taking over virus-infected PCs for sending their messages. The defenders matched and started blacklisting dialup addresses as mail sources. It was frustrating for those doing legitimate mail servers on a dynamic internet address, but there were legitimate ways to fix the problem. But the senders of the messages got mad.

    (more…)

  • Computer security day….

    A few days ago – while musing about the botnet take-down of Blue Security – I said something along the lines of “Make sure your PCs are clean from ‘bugs’ and help your friends do likewise. Spread the word, we need a ‘worldwide clean your computer with antivirus and antispyware day’ or something like it. (Kind of like the installfests Linux user groups have, only an uninstallfest.)” Anyway, it looks as though Switzerland does something like this… According to incidents.org it’s called Swiss Security day.

    (more…)

  • Clickbot – new bot tactic…

    There is a new twist on the bot networks that have been the plague of computing in recent years. This one is called ClickBot. The story is from Incidents.org. Many sites (like this one) use AdSense to “monetize their content”. The idea is that advertisers bid on “clicks”. So, if I wanted to advertise on the keywords “asheville computer repair” I might bid 5 cents for every click on one of my ads. The problem is many content owners are less than scrupulous.

    (more…)