Slashdot Mirror

← Back to Stories (view on slashdot.org)

Next Generation Spam Zombies Will Use Data Mining

Posted by ryuzaki0 on from the hate-these-new-fast-zombies dept.

branewashd writes "The Globe and Mail is covering some new research on the future of spam. The paper 'Spam Zombies from Outer Space', from researchers at the University of Calgary, will be presented on Sunday at the European Institute for Computer Anti-Virus Research conference. According to the paper, the next generation of spam zombies will employ 'sophisticated data mining of their victims saved email'. When a computer is turned into a spam zombie, it will first be mined of its address book, mail client configuration, and mail archives. Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent. The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it."

14 of 133 comments (clear)

  1. The three forces driving spam by chriss · · Score: 4, Insightful

    Technical advances Better tricks to fool spam filters, like the examination of text the user has written mentioned in TFA. This is close to impossible to stop, the only way is to try to be faster in developing better anti spam tools. Lack of security Most spam today is send from captured machines, and in the future these machines will not only be used to send but also to improve spam. This could be helped by better educated users, better default system security or easier to understand security configurations. At least there is hope. Response The only reason for all this spam is that it still pays. Even though it is a very small number of people, it is enough to finance the whole illegal business of building bot nets, stealing addresses etc. If there was a way to stop people to buy that stuff, the other two points would be irrelevant. Unfortunately this is not going to happen, which is the most frustrating part.

    --
    memomo: free web based language trainer DE-EN-ES-FR-IT
    1. Re:The three forces driving spam by Arandir · · Score: 4, Funny

      The only reason for all this spam is that it still pays.

      Here's the funny thing. Joe will receive a spam that has been carefully constructed as to appear to be coming from his mother. Why the fsck would he believe it? Is he so stupid that he would buy viagra and hoodia from his mother? The answer, unfortunately, is yes...

      "Dear Son,

      I am so sorry to hear about your injury. Have you considered **Ci@L15**? My arthritis is acting up, I think I will LAST ALL WEEKEND! When will you come down next, because PLEASE THE CHICAS!

      Love,
      Mum"

      --
      A Government Is a Body of People, Usually Notably Ungoverned
  2. I Hope They Don't Know About Weka! by eldavojohn · · Score: 3, Funny
    Damn, I hope they don't abuse the hell out of the Weka Project, that's one slick open source engine I've used time and again. It'd be a crying shame to see it put to use of ill repute!
    The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it.
    Like what? Capital punishment for spammers?
    --
    My work here is dung.
  3. Same reply for all these threads.. by brxndxn · · Score: 4, Insightful

    1. This is Microsoft's fault.. Microsoft should fix their operating system to ask for a password any time a program is installed, registry settings are changed, key files are modified, etc.. Also, 'install on demand' should be eliminated from Internet Explorer. Ever notice how spyware pretty much didn't exist before Microsoft gave the developers complete control over a person's PC? The end user is stupid. The whole premise of Windows assumes that.. So then why did Microsoft decide that the end user should be able to have his system completely compromised with ONE SINGLE GODDAMN FUCKING WRONG CLICK WHEN BROWSING A SHADY SITE?

    2. This is the fault of the legal system. Spyware is ALREADY illegal. Congress has talked about making it 'illegaler.' Someone needs to jump forth and realize the moneymaking potential that it is to sue the pants off the incessant spammers.

    Again.. 99.9% of spyware problems can be fixed by just running in limited user mode. Ubuntu has the right idea..

    --
    --- We need more Ron Paul!
  4. From the average college student's computer... by Qzukk · · Score: 4, Funny

    "Hi mom, I'm coming home this weekend, and I'll have a load of laundry. I'll also need some money because I can get P3NNY ST0X GO WILD OVER OTCBB FFFF! and some C1AL1S CHEAP AT HTTP //CHEAPERDR00GZ.MX/ !! Could you just transfer the funds to my account, it's easy to do, just go to 12.51.53.21/htedit/upload/pics/boa_rip/index.htm [bankofamerica.com]!"

    --
    If I have been able to see further than others, it is because I bought a pair of binoculars.
  5. What piques me about the article... by GillBates0 · · Score: 4, Insightful

    ...is that they fail to mention the fact that _most_ (if not all) of these "spam zombies" happen to be Windows based machines. Agreed, most of the machines in the world run Windows, but shouldn't the news article atleast mention the fact that the 'zombification' is attributable (most of the time) to Windows vulnerabilities? Don't know if the UCalgary research team mentioned it in their paper.

    --
    An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
    1. Re:What piques me about the article... by Jakeypants · · Score: 3, Insightful

      No, the problem isn't Windows vulnerabilities, it's uneducated users. My Windows PC is on all the time, connected to the internet, and it's behind a firewall. It hasn't ever been hit by any of these problems that slashdotters ever claim "just happen" to Windows PCs.

      Look at it this way. If Linux was the dominant platform, the issue would still exist. Let's assume for a second that Linux is 100% secure. The user will still see something online that says "Click here for free screensavers!" and guess what, they'll click there for free screensavers. The typical, uneducated user, would run as root all the time and install every piece of trash software they could.

      This is a Windows problem because of the users, not because of Windows.

  6. That's not data mining. It's just copying data by etully · · Score: 5, Informative

    Pet Peeve: Data mining is about making statistical inferences based on a large group of data and extracting patterns that nobody saw before.
    Examining someone's address book, copying an email in the Outbox, and inserting junk in the middle of that is no more than low tech vandalism.

  7. Re:welcome to #oldnews by Foobar+of+Borg · · Score: 4, Funny
    1998 called and wants their news back

    1990 called and wants their "$YEAR called and wants their $ITEM/CONCEPT back" meme back.

    --
    Similar to the upcoming US election results
  8. Re:Spam Zombie? by Kelson · · Score: 4, Informative

    What does this exactly entail? Does the computer first have to be compromised? Spyware/spamware installed through a backdoor? I've lightly read through the paper and it does mention that some sort of malware may be present on the victim's machine.

    Yes. This has been standard operating procedure for many spammers for about two years now. Virus, worm, and spyware authors set up backdoors through which compromised computers can be loaded with spam-sending software. Then they sell access to these botnets on the black market. Spammers use software designed to blast out commands to dozens or hundreds of bots sitting in homes, businesses and elsewhere, which then spew their virtual sludge across the internet.

    The hardcore spammers effectively have infinite processing power and bandwidth, since they can distribute the load across a botnet, and when the same spam run is coming a few messages at a time from hundreds of IP addresses, it's a lot harder to blacklist by IP. That's why many ISPs have started filtering outgoing SMTP traffic, and why blacklists have cropped up that just block any incoming mail from dynamic IP space.

  9. Well poisoners... by mengel · · Score: 3, Interesting
    These are attempts to poison word-based beysian(sp?) spam filters.

    If you mark enough of these random collection of useful word messages as spam, your beysian spam filer will start filing real, useful email as spam, and you will eventually decide the filter doesn't work and turn it off...

    Of course, if you feed your filter just the headers and stuff that actually looks like spam, and not the blocks of random words, it can still learn useful things.

    --
    - "History shows again and again how nature points out the folly of men" -- Blue Oyster Cult, 'Godzilla'
    1. Re:Well poisoners... by chriss · · Score: 4, Funny
      If evolution wasn't broken and stupid people did less breeding and more dying ...

      I think this would be an universal solution to almost all of mankinds problems.

      --
      memomo: free web based language trainer DE-EN-ES-FR-IT
  10. Oh, really? by aardvarkjoe · · Score: 4, Funny
    Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent. The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it.
    For instance, before sending someone your credit card number, take a moment to ask yourself whether or not your mother is likely to be offering to sell you penis enlargement pills.

    Somehow, I don't think it is going to be difficult to tell the difference, simply because my friends are not trying to peddle things to me.

    --

    How can we continue to believe in a just universe and freedom to eat crackers if we have no ale?
  11. My solution is to make no friends by Donjo · · Score: 3, Funny

    Then I won't be in anybody's contact list.