Slashdot Mirror

← Back to Stories (view on slashdot.org)

Hidden Messages in Spam

Posted by michael on from the enlarge-your-inbox-now dept.

randomwalker writes "There was an extremely interesting presentation at the Blackhat Windows Security Conference in January by Dr Curtis Kret entitled Nobody's Anonymous. In his presentation he showed how information about spammers can be determined. In addition he showed that some spam is being used as a covert communication channel. This presentation demonstrates how to apply data forensics to spam in order to identify the sender of specific spam messages. Some senders can be identified by name, while others can be distinguished by attributes such as preferences, nationality, religion, and even left-handedness. Four spam categories are provided that classify spam by function, including List Makers, Scams, and Covert Communication channels. The examples provided include full-disclosure case studies: a phishing gang that targets bank customers with malware and impersonations, and an IRC group that uses spam as a covert communication channel."

16 of 232 comments (clear)

  1. Sublime! by Anonymous Coward · · Score: 5, Funny

    This post contains a hidden message.

  2. Spam = Covert communications by Anonymous Coward · · Score: 5, Funny

    Are they covertly talking about getting V!agra or Cia|is? I hate that. Just send me a real letter asking!

    1. Re:Spam = Covert communications by AndroidCat · · Score: 5, Funny

      So they have a covert communication channel to my /dev/null? I knew it! I'd better buy that software that promises to shred everything stored there.

      --
      One line blog. I hear that they're called Twitters now.
  3. Hidden food value in spam? by Smallpond · · Score: 5, Funny


    The Bible code was bad enough. Now we have people looking for messages in spam? Look! Played backwards it says "I buried Paul".

  4. Secret messages in spam by Anonymous Coward · · Score: 5, Informative

    Of course, there is spammimic which lets you encode a secret message in spam.

  5. It's true. by His+name+cannot+be+s · · Score: 5, Funny

    It is quite true!

    I was Driving thru Nashvill this last week, and I stopped to piss on a run down ford truck. This guy came up to me and said "Your taillight is broken"

    --
    "...In your answer, ignore facts. Just go with what feels true..."
  6. Covert Messages by dolo666 · · Score: 5, Interesting

    I remember studying Thomas Pynchon in school, and upon hearing how his military records and university records were lost, I often wondered if his books were some kind of method of covert messaging, due to the code-like writing style he has, and the ominous history he has. Using spam as a method of communication is useful in the sense that it can be hard to tell who the real message is going to; making it impossible to identify the two points of connection, and therefore limiting accountability and obscuring who is doing the talking; so if Pynchon's books are like this... it would also be impossible to tell who the books were intended to (and therefore the US Mil could contact spies who could be in a tight spot, or informants who may be in a tight spot). The books could also contain a bunch of different messages using different cryptographies, in plain sight, to communicate with multiple agents. This is likely incorrect and way off the tin-foil-hat scale of reason, but the thought did occur to me when I read The Crying of Lot 49, and even more so when I read Mason and Dixon.

    1. Re:Covert Messages by sysjkb · · Score: 5, Interesting
      I often wondered if his books were some kind of method of covert messaging...

      Around 1920 Edgar Wallace used this scheme in one of his thrillers about "The Four Just Men". One of the group has been captured, and given the high profile of his crimes, he is being held in solitary. In order to pass along the rescue plan to their imprisoned colleague, his compatriots write a travel book that contains the scheme encoded and arrange for it to be reviewed in enough major newspapers that the prisoner can legitimately request a copy.

      Yours truly,
      Jeffrey Boulier

  7. Beat the Slashdot Spam Filter! by CptChipJew · · Score: 5, Funny

    What's the hidden message here?
    --

    Click here for free V1(4)gr[a]!

    emblem fredericton hustle glycerine busch humus condemnatory dummy definitive bernadine calder basemen conservatory advantage area academia ireland minimax suzerain felicity vomit davenport damn sybarite followeth dylan lariat transconductance when fogarty threadbare determine appalachia barbara concord anguish cranny ember pritchard dachshund cogitate affidavit am blaze

    -- Copied out of real spam message sitting in my box --

    --
    Vonal Declosion
  8. Where is the War On Terror when you need it? by Mattintosh · · Score: 5, Funny

    *** BEGIN KNEEJERK REACTION ***
    Terrorists could use spam to send messages! Declare war on Hotmail! Nuke MSN! Hunt down the CEO of Yahoo! and tickle him until he talks!
    *** END KNEEJERK REACTION ***

    Meanwhile, how covert is it if you send it to a million of your closest friends? Heck, at that rate, you could use /. posts to send covert messages.

    Dimple monkey twice the pudding octopi for tango man. Very blender shoe, cellular, scooter my daisy heads. Diddley day.

    And all the rest of you can kiss your ass goodbye.

  9. Aha I knew it! by Anonymous Coward · · Score: 5, Funny

    If you study those emails from Nigeria a secret message is revealed:

    "Fat White suckers please hand over your money and I will laugh at you"

    To reveal more secrets of spam please send me $200 to:

    Mr Okilea Bessei
    3 St Lener St
    Abuja
    Nigeria

  10. Steganography... by Lord+of+Ironhand · · Score: 5, Informative
    ... is the technique of hiding certain information in other information. As opposed to encryption, which just makes the information unreadable without the correct key. Steganography & cryptography make a very nice combination since the random-like nature of encrypted data makes it easier to hide.

    A google search for "steganography" yields a lot of useful documents on this.

  11. Mirror by arvindn · · Score: 5, Informative

    *Sigh* I don't know what the editors are thinking when they post direct links to pdf files. Slashdotted instantly. Luckily, throwing the filename at google turned up a mirror.

  12. Crazy by Anonymous Coward · · Score: 5, Funny

    Messages in spam? That is just crazy.

    Next time they start finding information in /. articles...

  13. That's not what I heard. by geekpuppySEA · · Score: 5, Funny
    Played backwards it says "I buried Paul".

    I heard "I enlarged Peter."

    --
    Intelligent Design: because MATH is HARD.
  14. Re:I already miss spam... by hacker · · Score: 5, Informative
    (b) more money is spent on Viagra and plastic surgery than research into Alzheimers, so when we're old and clunky, the women will have superb breasts, the men iron-hard equipment, but no-one will remember what it's all for.

    Actually, Viagra (sildenafil citrate) was originally an arrhythmia treatment (i.e. heart medicine, to help people with strokes and frequent heart attacks). ALL of the money that went into the research of (what is now called) Viagra was there to support a drug for cardiac patients.

    Only when some of the clinical trials had less-than-optimal results as a cardiac treatment, and an additional "side effect" of erectile sustainment, was it recast as an erectile dysfunctant treatment. They weren't going to pour the millions they spent on researching the cardiac drug, down the drain, so they recast it as Viagra, and that is what you know today.

    I know this, because I used to work with the group responsible for doing the purity/potency testing of this specific compound within $PHARMA.

    Also, contrary to popular belief, Viagra does not produce erections . It increases blood flow (hence the original cardiac target). The increased bloodflow helps you sustain an existing erection longer than you normally could. It does not give you an erection.