Slashdot Mirror


Prosecuting Spamming Crackers?

lnixon asks: "As a recent Slashdot article mentioned, the latest trend in spamming is to use cracked Windows machines for sending spam and hosting spamvertised web sites, 'spacking', as Wired terms it. A couple of weeks ago, I started tracking one of these cracker rings down, carefully documenting the trail as I went. Mostly through luck, I actually found the originating server. This information should seriously put a crimp in their activities...if only I could get the law interested. I have tried to get the attention of CERT, of FBI and of my local police authorities, but nobody seems to be interested. Now, what should I do? Organize a posse?"

3 of 51 comments

  1. Re: Here's how to get law enforcement's attention by the Man in Black · Score: 2, Interesting

    Modded funny, but you've got a reasonable point there. Call up your local FBI office with reports of "an unknown organization that has illegally compromised computer systems for the purposes of anonymously sending subversive and possibly terrorist communications." Try to get transferred to an Electronic Crimes Unit, if your FBI office has one. Toss them the IP and detail how you tracked it down. Trust me, they'll unleash the dogs of war.

    Hell, crying "terrorism" is working for everything else nowadays, why not get something positive done with it?

  2. Pre-emptive Strike by Markus Registrada · Score: 2, Interesting

    The only way to deal with these distributed attacks is pre-emptively: any host that is susceptible to attack by a spammer must be attacked first by an anti-spammer. The most effective way would be via worms, but that does not suffice. Spammers also enter via booby-trapped web pages and e-mail viruses, so anti-spammers must use those vectors as well. Anti-spammers have to attack first, because otherwise the spammers will plug up the holes behind them, making it progressively harder to root them out after they have installed their own malware.

    It is tempting to think that simply closing off the known holes in the target machines should suffice. That's just wishful thinking. There will always be other ways for the spammers to enter, not yet discovered. The only way to keep the spammers out of those hosts is to wipe them clean. Eventually the owners will either leave them disconnected from the internet, or wiped, or will install something secure. Until then, they need to be wiped as many times as needed to get the message across.

    This level of conflict was inevitable once the spammers encountered enough interference in their old methods. Now there's no going back. We need to ensure, positively, that any host that is connected to the net really is secure enough not to be hijacked by the spammers, and there's only one way to do that.

    The only practical problem with this method is that the spammers have a vector available that anti-spammers don't. Spammers can put their viruses in their own spam, and booby-trap their own web pages referenced by their spam, but anti-spammers can't use those vectors without themselves spamming. Fortunately there are so many holes in the target systems that it will be some time before that difference actually protects the target hosts.

  3. Only way to get law enforcement to help... by macdaddy · Score: 2, Interesting

    ...short of being a corporation that makes millions each year, is to get the media involved. The best thing in the world to make law enforcement do something is bad PR. I know a couple reporters at a few large newspapers that might run a story about it. Let me know if you want me to put you in touch.