Researchers Hijack Storm Worm To Track Profits

An anonymous reader points out a story in the Washington Post, which begins: "A single response from 12 million e-mails is all it takes for spammers to turn annual profits of millions of dollars promoting knockoff pharmaceuticals, according to an unprecedented new study on the economics of spam. Over a period of about a month in the Spring of 2008, researchers at the University of California, San Diego and UC Berkeley sought to measure the conversion rate of spam by quietly infiltrating the Storm worm botnet, a vast collection of compromised computers once responsible for sending an estimated 20 percent of all spam." The academic paper (PDF) is also available. We've previously discussed another group of researchers who were able to infiltrate the botnet for a different purpose.

Re:Double standards?

[darkside_al]

Because it's useless, most probably, that user in one hour will enter another p0rn site and get infected again. The big problem in securing home computers is user behavior, doesn't matter that you put a lot of warnings, he will hit install in a sec if is searching for pr0n.

Re:Double standards?

[X0563511]

Imagine this scenario:

You have Bob. Bob has a thing about catching STDs. No matter how many times he gets cleaned up, he turns around and does something stupid and gets a new one, and in turn passes them on.

Is it unethical to study his infections? The subject won't stop getting the infections, nor will he stop spreading them. However, we can use what we learn from studying the subject further on down the line.

Not quite so black and white is it? I side with the researchers. The botnet will be there either way, and if we actively destroy it a new one will be made in it's place (and possibly improved, preventing study). Might as well learn what we can from it before making a move.