Slashdot Mirror


Hidden Messages in Spam

randomwalker writes "There was an extremely interesting presentation at the Blackhat Windows Security Conference in January by Dr Curtis Kret entitled Nobody's Anonymous. In his presentation he showed how information about spammers can be determined. In addition he showed that some spam is being used as a covert communication channel. This presentation demonstrates how to apply data forensics to spam in order to identify the sender of specific spam messages. Some senders can be identified by name, while others can be distinguished by attributes such as preferences, nationality, religion, and even left-handedness. Four spam categories are provided that classify spam by function, including List Makers, Scams, and Covert Communication channels. The examples provided include full-disclosure case studies: a phishing gang that targets bank customers with malware and impersonations, and an IRC group that uses spam as a covert communication channel."

11 of 232 comments

  1. Secret messages in spam by Anonymous Coward · · Score: 5, Informative

    Of course, there is spammimic which lets you encode a secret message in spam.

  2. Re:It's true. by MisanthropicProgram · · Score: 2, Informative

    I guess I'm still asleep. It took me a while to get the Dr. Nash ("A Beautiful Mind") reference!

  3. Steganography... by Lord of Ironhand · · Score: 5, Informative
    ... is the technique of hiding certain information in other information. As opposed to encryption, which just makes the information unreadable without the correct key. Steganography & cryptography make a very nice combination since the random-like nature of encrypted data makes it easier to hide.

    A google search for "steganography" yields a lot of useful documents on this.

  4. Mirror by arvindn · · Score: 5, Informative

    *Sigh* I don't know what the editors are thinking when they post direct links to pdf files. Slashdotted instantly. Luckily, throwing the filename at google turned up a mirror.

  5. Re:Sublime! by Brian Boitano · · Score: 1, Informative

    Here, I've outlined it for everyone:

    This "First post" contains a hidden message.

    --
    What would Brian Boitano do?

  6. rent '3 days of the condor' by dhenry · · Score: 3, Informative

    For your hidden-code-in-popular-fiction pleasure...

    Robert Redford discovers a double-secret CIA plot after analyzing book plots for the CIA.

    P.S. - DO NOT look for the book in used bookstores, it sucks. The movie smooths out some of the macho BS in the book and adds some depth.

    -- "Me post off-topic one day"

  7. Re:Hidden food value in spam? by Anonymous Coward · · Score: 1, Informative

    The problem with the bible code is that the Hebrew language has words with far too many meanings. Along with words that are also numbers which can then be interpreted as dates. Not only that you add in a few more calendars (Roman, Jewish, etc) then you have a few more possibilities for a match. I find it interesting that they insist on testing the validity of the bible code against modern texts written in English as opposed to other ancient texts also written with Hebrew as the native tongue. I think they would find that the Bible code is not nearly as valid once you take into consideration the nature of the Hebrew language.

  8. Working URL for the Paper by DaneelGiskard · · Score: 4, Informative

    Server's down, here is another one ;-)

    bh-win-04-kret.pdf

  9. Re:I already miss spam... by hacker · · Score: 5, Informative
    (b) more money is spent on Viagra and plastic surgery than research into Alzheimer's, so when we're old and clunky, the women will have superb breasts, the men iron-hard equipment, but no-one will remember what it's all for.

    Actually, Viagra (sildenafil citrate) was originally an arrhythmia treatment (i.e. heart medicine, to help people with strokes and frequent heart attacks). ALL of the money that went into the research of (what is now called) Viagra was there to support a drug for cardiac patients.

    Only when some of the clinical trials had less-than-optimal results as a cardiac treatment, and an additional "side effect" of erectile sustainment, was it recast as an erectile dysfunction treatment. They weren't going to pour the millions they spent on researching the cardiac drug down the drain, so they recast it as Viagra, and that is what you know today.

    I know this, because I used to work with the group responsible for doing the purity/potency testing of this specific compound within $PHARMA.

    Also, contrary to popular belief, Viagra does not produce erections. It increases blood flow (hence the original cardiac target). The increased bloodflow helps you sustain an existing erection longer than you normally could. It does not give you an erection.

  10. Re:Why is this surprising. by sartin · · Score: 4, Informative
    perhaps i'm missing something here, but if someone wanted to send someone else an extremely covert message, why wouldn't they just encrypt it?

    Traffic analysis. Since not all intercepted messages can be decrypted in a timely fashion, one way intelligence is gathered is by looking at the communication patterns independent of the content. Knowing that bad person A sent unknown person B some set of messages (and even more so noting that they were strongly encrypted) yields a strong suspicion that person B is part of the same bad collective as person A. By sending many messages all over that are noise, the real communication is lost in the noise. Not just the data in the communication, but the data about the communication.

  11. Or disco songs too by Anonymous Coward · · Score: 1, Informative

    The same guy also came up with a scheme for hiding messages in lists. The applet uses disco songs, but any ordered list will do.
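
The last comment's point that "any ordered list will do" can be made concrete. The following is an added example, not part of the thread and not the scheme the applet mentioned there uses: it writes a message as a number in the factorial number system and lets each digit choose the next list item, which also shows that the order of n distinct items holds at most floor(log2(n!)) bits. The playlist and all function names are constructed for illustration.

```python
import math

# Constructed sample list; any list of distinct, sortable items works.
PLAYLIST = [f"Track {i:02d}" for i in range(1, 13)]

def capacity_bits(n):
    """Whole bits that fit in the ordering of n distinct items."""
    return math.factorial(n).bit_length() - 1

def encode(items, message: bytes):
    """Return `items` reordered so that the order itself carries `message`."""
    base = sorted(items)                  # canonical order both sides agree on
    if len(set(base)) != len(base):
        raise ValueError("items must be distinct")
    # A leading 0x01 byte keeps leading zero bytes through the int round trip.
    value = int.from_bytes(b"\x01" + message, "big")
    if value >= math.factorial(len(base)):
        raise ValueError("message too long for this list")
    out = []
    # Factorial number system: each digit selects one of the remaining items.
    for radix in range(len(base), 0, -1):
        digit, value = divmod(value, math.factorial(radix - 1))
        out.append(base.pop(digit))
    return out

def decode(ordered):
    """Recover the message from the order of the list."""
    base = sorted(ordered)
    value = 0
    for radix, item in zip(range(len(base), 0, -1), ordered):
        digit = base.index(item)          # position among items not yet used
        base.pop(digit)
        value += digit * math.factorial(radix - 1)
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if not raw or raw[0] != 1:
        raise ValueError("no framed message in this ordering")
    return raw[1:]

if __name__ == "__main__":
    hidden = encode(PLAYLIST, b"hi!")
    print(capacity_bits(len(PLAYLIST)), "bits available")
    print(hidden)
    print(decode(hidden))
```

Every item in the reordered list is unchanged, so inspecting the items finds nothing; only a departure from the expected order is observable.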