Slashdot Mirror


Researchers Hijack Storm Worm To Track Profits

An anonymous reader points out a story in the Washington Post, which begins: "A single response from 12 million e-mails is all it takes for spammers to turn annual profits of millions of dollars promoting knockoff pharmaceuticals, according to an unprecedented new study on the economics of spam. Over a period of about a month in the Spring of 2008, researchers at the University of California, San Diego and UC Berkeley sought to measure the conversion rate of spam by quietly infiltrating the Storm worm botnet, a vast collection of compromised computers once responsible for sending an estimated 20 percent of all spam." The academic paper (PDF) is also available. We've previously discussed another group of researchers who were able to infiltrate the botnet for a different purpose.


  1. Double standards? by Anonymous Coward · · Score: 5, Interesting

    How come they don't track down the IP addresses of infected computers and inform the users their computer is compromised? It seems these researchers also are getting a kick out of the botnet at the cost of the victims.

    1. Re:Double standards? by darkside_al · · Score: 5, Insightful

      Because it's useless; most probably that user will, in one hour, enter another p0rn site and get infected again. The big problem in securing home computers is user behavior; it doesn't matter that you put up a lot of warnings, he will hit install in a sec if he is searching for pr0n.

    2. Re:Double standards? by Erikderzweite · · Score: 5, Funny

      Or they could change the worm to format hard disks on infected machines -- once done, a PC cannot send spam till reinstall. And this time, the user will be a bit more careful about PC security.
      Problemo solved!

    3. Re:Double standards? by Seth Kriticos · · Score: 4, Interesting

      That is a bit harsh, but the basic idea is not that wrong. Users don't care about security because it is a bigger inconvenience than not doing it. The botnets are quiet and Joe Sixpack can't relate insecure OS / config with spam (doesn't care).

      Maybe someone should introduce some inconvenience for spam infected bandwidth usage (i.e. charge money for the botnet traffic)? If people have to pay for compromised systems, then maybe they will get up off their ass*s. Just a thought.

      And yes, I know, the idea must be elaborated and gives a whole set of new issues.. Just meant as a starting point for a discussion.

    4. Re:Double standards? by X0563511 · · Score: 4, Insightful

      Imagine this scenario:

      You have Bob. Bob has a thing about catching STDs. No matter how many times he gets cleaned up, he turns around and does something stupid and gets a new one, and in turn passes them on.

      Is it unethical to study his infections? The subject won't stop getting the infections, nor will he stop spreading them. However, we can use what we learn from studying the subject further on down the line.

      Not quite so black and white, is it? I side with the researchers. The botnet will be there either way, and if we actively destroy it a new one will be made in its place (and possibly improved, preventing study). Might as well learn what we can from it before making a move.

      --
      For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
  2. Re:HMM... by HexaByte · · Score: 5, Funny

    They must be really smart. After all, how are they able to figure out how it is that I'm in need of a bigger schlong, can't get it up w/o viagra and need a new Rolex at bargain prices and I'm looking for a Russian wife. I mean, what kind of research have they been doing to target me perfectly?

    --
    HexaByte - he's a square and a half!
  3. Spam protection by Andr T. · · Score: 4, Interesting

    I don't have any data to back this up, but it seems to me that people are migrating from small provider companies to big internet provider companies - and their e-mail is going together. And it also seems to me that all those big companies have good e-mail filters (or they're getting one that will be good in a small period of time). If that's true, spam will face a dead end pretty soon.

    Even if you stay with a small provider company with your personal e-mail, there are many good solutions to avoid spam. I used Popfile for a long time and it worked pretty well.

    Either way, if people will go to their spam box and click that viagra ad, it will be their problem. It doesn't affect me anymore.

    --

    Any life is made up of a single moment, the moment in which a man finds out, once and for all, who he is.

  4. Re:HMM... by aaron alderman · · Score: 5, Funny

    You post on Slashdot?

  5. Storm Worm by phazux · · Score: 4, Funny

    Oh, Spam... right.

    When I first read the title, I was thinking more along the lines of:

    Bless the Maker and His water.
    Bless the coming and going of Him,
    may His passage cleanse the world,
    may He keep the world for His people.

    -- Frank Herbert

    --
    -- Working to secure tomorrow's technology. Honestly Officer!
  6. the vigilante approach by v1 · · Score: 4, Interesting

    I realize this will either be wildly popular with you or you'll hate it, but what I'd like to see someone do is infiltrate the botnet somehow (either by vulnerability or crack their key or whatever) and send a command to the herd to zero the boot sector and shut down their host. (the zombies, not the herder's machines)

    Nothing enough to cause data loss, but enough to force the naive owners to take their machines to someone to get them fixed/cleaned up. I'm tired of being a victim of computer neglect en masse.

    Not saying there's just one botnet out there, so I'd be greatly entertained to see them fall one by one. Should make a nice spectacle. Wouldn't it be entertaining to get up tomorrow and read front page stories all over the place the likes of which we got with Code Red, that a sizeable chunk of zombies just dropped off the grid and there were long lines at the PC repair shops this morning? Stories of entire businesses being brought to a halt because 95% of the machines in their office were owned? Sorry, but "serves them right", and thank you have a nice day while I go check my mail and see 80% fewer medications for sale.

    --
    I work for the Department of Redundancy Department.
  7. Re:HMM... by zappepcs · · Score: 4, Interesting

    Actually, I'd rather they be made to pick up a piece of litter for every spam email they sent, or some other such public service that equates piece for piece to the amount of spam they have sent.

    Repaint a house for someone = 100 spam messages
    Clean up a city block of litter = 100 spam messages

    Well you get the point. Force them to wear bright yellow spandex jumpsuits with the spam logo on it until they have fully atoned.

    Whatever the punishment, it should be public, and only mildly degrading.

    Something that lets us all remember what they did, and what it costs in reparations.