Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spammers Using Hacked Machines as Decoys

Posted by michael on from the there's-gotta-be-a-law dept.

avi33 writes "This Wired story shows a disturbing alliance between hackers [sic] and spammers. Interestingly, they blame part of the alliance on market forces, leading some skilled engineers to the dark side for profit's sake. A Polish firm claims to have control of 450,000 Trojaned systems that it uses to mask the IP addresses of its hosted sites. In other words, you could host your Viagra-peddling site with a company that has a stringent no-spam policy, but a DNS lookup will point to a home user's compromised machine. Not quite bulletproof, but certainly ups the ante in the spam war."

4 of 413 comments (clear)

  1. Re:Firewall by loknor · · Score: 5, Informative

    Yes and it is worth the jump backwards in technology to help OS manufacturers continue to pedal sub par product and services that are the real cause of the problem. Attacking a problem at somewhere other than its source has always been such a great way to deal with challenges like this.

    --

    me karma am bad
  2. Re:Am I missing something here by jqh1 · · Score: 3, Informative

    My site/service got mentioned in a spam "newsletter" once without my knowledge or consent. I was promptly strung up on spamcop as a business that had advertised in spam -- and my site/service is a spam *fighting* service to begin with!

    The point here is there's so much spam with so many variations on the base set of presumed facts, that hair-trigger lawsuits will cause many friendly-fire victims. I doubt the spammer I mentioned above meant to cause me any harm by mentioning me in his "newsletter", but I doubt it would be too hard to find a situation where it's done on purpose -- i *have* been "joe jobbed" several times (used as the reply address on spam) and that gets pretty nasty, too, and presents a similar situation where spammers falsely implicate others. Add in swift and sure legal consequences, and it would be much worse. Even assuming the courts have the ability to determine a false positive defendant when they see one, just think of the expense of doing that.

    --
    who's moderating the meta-moderators?
  3. Re:interesting methodology by fractalus · · Score: 4, Informative

    I've watched the spam to my inbox go from a few messages a day at the beginning of this year to over 300 a day now. Doubling every ten weeks is a statistic I can believe.

    It's clear spammers have no regard for the law. One need only look at their track record: abusing open relays to defray the cost of sending mail, forging headers to divert attention away from themselves, advertising illegal products, businesses, or outright scams, exploiting vulnerabilities in computers to turn victims into zombies for more spamming.

    Educating users is futile... I can't even got most of my friends to stop forwarding the latest chain message. I barely saved one of my friends from falling for a credit card phishing scheme, and she's pretty experienced compared to most.

    The only thing that is going to work is to go after the people running spamvertised sites. But that's going to cause problems by creating a new kind of "Joe Job"... hire a spammer to spam for your competitor's product; the wrath of the anti-spam crowd then goes straight to your competitor.

    Damn spammers.

    --
    People are never as simple as their stereotypes. This applies equally to Christians, Muslims, and Emacs-lovers.
  4. Re:Firewall by nsxfreddy · · Score: 3, Informative

    Usually when a machine is trojaned, it communicates with the trojan creator actively, meaning it connects to an IRC channel, sends an email, somehow communicates on it's own. Most trojans would not be affected by an inbound firewall block since they would still be able to connect to the controller.

    It would not be that difficult to modify a trojan that gets it's commands through an IRC channel to send a spam through that same channel.