Slashdot Mirror

← Back to Stories (view on slashdot.org)

Writing Viruses for Fun and Profit

Posted by Hemos on from the insidisous-dependence dept.

JMPrice writes "There's a short article over at zdnet that explores a future synergy between viruses and spam, i.e. international crackdown on spam and open relays makes spammers opt to use infected computers instead as relays, and speculates a relationship between the virus writers and spammers."

8 of 172 comments (clear)

  1. I've seen the future.. by Dynamoo · · Score: 5, Informative
    ..and it stinks. Last week there was a massive "joe job" attack on Doxdesk.com, a site detailing browser parasites, porn diallers and other nasty plugins. The aim of the joe job was to generate fake spam supposedly advertising the site so it would get shut down.

    The spam was being generated from multiple locations simultaneously, and from IP addresses that looked like standard ISP subscribers, mostly in the US and Western Europe. It looks suspiciously like the spam was being sent from Trojanised PCs.

    Bearing in mind that the people most likely to want to force Doxdesk.com off the web were browser parasite writers, it seems to me that there is a definite link now between these parasites, certain viruses/trojans/worms and spammers. Just another bit of proof that these people have no respect for the law.

    --
    Never email donotemail@WeAreSpammers.com
  2. Re:What cash flow? by skurk · · Score: 5, Informative

    Quite a few, I'd guess.

    Some spammers make serious cash, for instance this fellow, who claims to have earned $1k each week.

    Composing another Outlook virus is trivial. Download an existing source (either from usenet or some web page), modify, and start spreading it.

    Any 13yo kid with some programming experience can do this, and if it pays $500, it probably beats mowing lawns for several weeks!

    --
    www.6502asm.com - Code 6502 assembly or.. DIE!!
  3. This is NOT new by Anonymous Coward · · Score: 5, Informative

    This has been the consensus at SPAM-L for quite some time. You might want to subscribe.

    Google for SPAM-L's FAQ

  4. Re:Tracking by Anonymous Coward · · Score: 3, Informative
    Seeing as how spammers are paid for the messages that they send out, how is it possible to track the messages that have been sent using this type of method?

    Easy. It's called seeding. Mass mailers and those selling mailing lists use it all the time. The idea is simple; along with the target addresses, the company paying for the mail service plants known fake addresses along with the supposedly good ones. If the known address is used when it shouldn't be or is not used when it should be, you automatically have your tracking.

    How this works in the spammer world, I don't know though I'm thinking that anyone moderately familiar with mass mailing can figure it out in an hour or two.

    Along those lines, though, if the company paying for the spammer's services is that sophisticated they also know that they are paying for an abusive service -- not one strictly made up of 'opt-in' or 'verified interested' people.

  5. not hard, but not effective either. by splerdu · · Score: 5, Informative

    While being anonymous for anonymity's sake isn't very hard to do, it is hard for a spammer to remain anonymous and be effective at the same time. These people are selling products, at the very least they can be traced to the guy who paid them to send the spam.

    Buy our new penis enlargement pills!
    Available at... errr... go figure

  6. PEBKAC by WegianWarrior · · Score: 3, Informative

    Or for those not so keen on abverbiations, Problem Exist Between Keyboard And Chair.

    Make sure you got the latest anti-virus program. Do not open attachments from prople you don't know. Be wary about opening attachement from people you do know. Avoid HTML-enchanted (ha!) mail like the plauge. If possible, run another e-mail client than Outlook and Outlook Express. Set up and maintain a firewall that can block traffic that goes out as well as in. Use common sence - you wouldn't enter a house of ill repute in real life in fear of a STD, so you shouldn't visit a website of ill repute in fear of getting a virus or worse.

    Seriously... if more people used their heads to think with and was a little more suspious about things, this would not be a problem.

    --
    Everything in the world is controlled by a small, evil group to which, unfortunately, no one you know belongs.
  7. It's true by paranode · · Score: 5, Informative

    I run honeypots and work in security and I can tell you firsthand that this is definitely an accurate conclusion to draw. People exploit Windows boxes all the time and the only things I ever see them do with them are opening up spam relays or hooking it up as a bot to a warez IRC channel. There's absolutely no skill involved, it's just script kiddies with automated tools taking advantage of lazy Windozers who forget to set SQL passwords or ever patch their system with the latest updates. It's pathetic, and it really makes me think that spam can never be stopped no matter how much legislation gets passed.

  8. Re:Bad for the business model by cdrguru · · Score: 3, Informative
    You miss the point - why do you connect the company selling a product with the spammer advertising it?

    Often, there is an advertising company that charges $1500 or so to "advertise" your product for you. They then pay subcontractors to actually send it.

    Also, often the company with the product gets told the advertising company's list is 100% opt-in. Then, they turn it over to subs with "send this to your list - any list" and include these email addresses...

    Until you make "spam" illegal to send out, you will never stop this. Advertisers absolutely believe they are selling a legal product that there is demand for. And there is - or you wouldn't be getting any spam.