Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spammers Using Hacked Machines as Decoys

Posted by michael on from the there's-gotta-be-a-law dept.

avi33 writes "This Wired story shows a disturbing alliance between hackers [sic] and spammers. Interestingly, they blame part of the alliance on market forces, leading some skilled engineers to the dark side for profit's sake. A Polish firm claims to have control of 450,000 Trojaned systems that it uses to mask the IP addresses of its hosted sites. In other words, you could host your Viagra-peddling site with a company that has a stringent no-spam policy, but a DNS lookup will point to a home user's compromised machine. Not quite bulletproof, but certainly ups the ante in the spam war."

3 of 413 comments (clear)

  1. Firewall by JohnGrahamCumming · · Score: 3, Interesting

    Of course if broadband ISPs were to implementing a simple inbound firewall
    for every user then they'd eliminate most of these problems overnight:
    trojaned machines would be unreachable, worms like CodeRed that scan for
    vulnerabilities would be halted.

    The few users of broadband who actually need to run an Internet visible
    server would then have to contact their ISP for a port to be opened, but
    that seems like a small price to pay for cutting off 1000s of machines that
    have been hacked.

    Naturally, this would cause file steal^H^H^H^Hharing applications to stop
    working.

    John.

    1. Re:Firewall by 4of12 · · Score: 3, Interesting

      not always that easy to find the real "root of the evil"

      I have to smile when I think of how true that is. All of the onus of responsibility for computer viri and worms these days is conveniently placed on the writer and dispatcher of the virus or worm. And, yes, they should be held responsible for their primary role.

      Fewer people take the time to think that such viri and worms would be fewer and farther between if the underlying OS were designed and implemented better.

      Fewer still concede that they have some personal responsibility to apply patches and updates in a timely manner, or that they have to take the time to understand how to harden their systems.

      But it's a whole lot more convenient and comfortable to place blame onto the "hacker" than to think that we all have a hand in the creating environment where exploits flourish. Despite how comfortable we feel about placing blame in a simple-minded way, it doesn't seem to have been an effective framework for a policy for improving the situation. At least, not if the past 5 years are any guide, it hasn't.

      It's consistent, though. Along with an incorrect view of the problem will come an incorrect solution. TCPA will be foisted upon us in the name of curing "The" problem of "hackers", just as the "Patriot" Act has cured us of the problem of "terrorists."

      --
      "Provided by the management for your protection."
  2. It's only a matter of time... by Have+Blue · · Score: 3, Interesting

    ...Before computer use (at least on the Internet) requires a license. I realize that has some very large drawbacks, but at the rate we're going one day the benefits really will outweigh the drawbacks. Do we have to wait until network traffic is 90% spam and viruses? 99%? 100%? A computer can do more damage to the network than a car can do to a highway, and we license driving. Maybe we'll wait until poor network performance starts to kill people by interfering with hospitals and emergency services.