Rustock Botnet Responsible For 40% of Spam
angry tapir writes "More than 40 percent of the world's spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec's MessageLabs' division. The Rustock botnet has shrunk since April, when about 2.5 million computers were infected with its malicious software that sent about 43 billion spam e-mails per day. Much of it is pharmaceutical spam."
Hunt them down and kill them all
Please
Much of it is pharmaceutical spam.
A very particular kind of pharmaceutical.
Make your girl happy with your long and huge meat machine.
*link to .ru website*
First and foremost, don't expect ANY help from the "security" companies like Symantec and the like, SOLVING this problem would mean the end to their extortion business.
And, don't expect ANY help from the "white hats" in general, all they can do is walk in circles pontificating about how it would be unethical to hack these networks and bring them down.
So really, the only solution is the possibility of someone with "black hat" skilz that wants to be paid to take the system down outside the "law".
If you want news from today, you have to come back tomorrow.
Is it to order some of their crap. Track down where the money goes.
And kill them.
We've spent more doing less millions of times... Why don't we get around to fixin this problem?
Find their IP address and sic 4chan on them; maybe then something will get done.
Yes, it's called the internet.
This is like the corporate/university computers that re-image themselves every night against the central server, deleting anything that changed on the hard disk. That would be an awesome feature for a dumb web-surfing box for the idio---parents. Would be a little bit of a pain for everyone else, but we can avoid getting infected, right?
it would seem to me that the pharmaceutical companies that benefit from this ... should have responsibility in the computer crimes taking place here
The overwhelming majority of the "pharmaceutical" ads in question are fraudulent. They're not actually selling Viagra. They're either selling knockoff placebos, or they're selling nothing at all, because they're just looking for naive suckers to visit a sketchy web site and cough up a credit card number or other details that can be used in identity theft schemes or similar crimes. Merck and the other actual makers of the real products would love nothing more than to shut this crap down.
Don't disappoint your bird dog. Go to the range.
"Maybe what we need are a few good old fashioned hangings." -- Commissioner Orson Swindell, Federal Trade Commission
at the first FTC spam conference.
"I may be synthetic, but I'm not stupid." -- Bishop 341-B
Subject: Stiffy In A Jiffy
From: Erection Perfection
Nothing worthwhile ever happens before noon
No need to destroy their data. All one would have to do is replace key Windows boot files with a script that tells them that their Windows installation is hopelessly infected by viruses and has been disabled, telling them to take it to somebody who actually knows how to properly configure a Windows machine. There's no need to destroy irreplaceable data, merely to wreck Windows so badly that they have to do a full reinstall. Since that is completely beyond any of the sorts of people who are part of the problem, they would be forced to take their computers to somebody for repair, and one would at least hope that a sizable percentage of those machines would come back properly protected from viruses.
Check out my sci-fi/humor trilogy at PatriotsBooks.
Companies like Symantec and Norton didn't start off as antivirus companies. They built tools and utilities. If by some miracle all of the botnets, trojans, and virus infections were to vanish from the world, I imagine that they would go back to making tools. It was virus makers that created the market, not Symantec and Norton.
I suppose you think cancer researchers don't really want to find a cure, because then they'd lose their funding, right?
The fact that you are marked as insightful is baffling. You have a distorted sense of reality.
I won't even bother commenting on your "white hats" criticisms, since that's been pretty well covered by others...
However, to say that *your* solution is the only solution is not only short-sighted, it's arrogant. Black Hat "skilz" must be the mystery reason why about half the number of systems are infected now, right?
There isn't a magic bullet solution that will magically fix the problem completely, aside from getting rid of the internet (and maybe humanity too!). It has to be fought on multiple fronts and incorporating multiple solutions to mitigate the problem and hopefully if it's made difficult enough or they have enough that they can lose, then maybe it will stop... but it's much more likely that we're always going to be stuck with it to at least some degree.
If the FBI was half as interested in nailing fraud as it was in doing the RIAA's bidding, they would create fake credit card accounts and order the spamvertized products themselves. Then they can trace the transactions back and get the merchant accounts frozen.
>Good luck with that. Of course once OUR Windows is dead it'll be YOUR machines sending us SPAM.
No it won't. The "windows gets targeted only because it's biggest" argument is a fallacy - and an easily debunked one at that.
Here's the REAL reason why you will never see much spam or trojans in the Linux world. Unlike our windows counterparts, when we need an app for some task, we don't open a (insecure) browser, search around, find a .exe which we then RUN to install the program.
We connect to a repository, which is run by software experts who have repackaged and tested the programs in question, the software gets downloaded automatically - the files are checked using digital signatures to prevent MitM attacks, and only then installed.
Average computer users will never have the capacity of computer experts to tell trojans from useful apps, and either way have no viable means of determining if a particular install file is trustworthy without having already taken the risk, all while dealing with a browser/email combination that could do all this without them even being aware of it (though at least that has gotten better than it used to - remember I-Love-You, that's how bad Outlook once was!).
Us GNU/Linux users pool our resources to have people who are skilled select and evaluate the apps in our repositories and make our selection from a set that's pre-vetted. We can choose on features and design without having to WORRY about "does it coincidentally install spyware which will later be installing a botnet", because the people who packaged the software have nothing to gain by not removing such, and everything to benefit from ensuring the trustworthiness of the software.
Remove the capacity to write "installer programs" for windows - create a repository (perhaps even a paid one - like Apple's app-store) and you solve the botnet problem. Trouble is, Microsoft unlike the GNU/Linux companies won't find the best way to keep their repo profitable is to be open to all comers who write useful software. Much like Apple, they'll end up using it to make sure nothing is available to their users that competes with their own products.
The cure may be even worse than the disease - so I don't know if it's something to push for. What I can tell you is, as long as ordinary users are supposed to vet good from bad software (people who have ZERO training in how to tell the difference in other words) - botnets WILL proliferate. The problem isn't even so much OS-design (though it plays a role), it's the way software is managed on the two platforms.
GNU/Linux simply has a software management concept that is by its very nature far, far more secure than Windows. It's not perfect - last year Fedora's repos were pwned temporarily - and they had to create and issue a full set of new keys to ensure the integrity of what they contained - but the problem was fixable without any customer ever being at risk. That's what GNU/Linux's repository concept does - it takes the task of risk assessment and gives it to people who are trained for the job so by definition they do it better.
Unicode killed the ASCII-art *
Soap: You what?
Tom: You take out an advert in the back page of some gay mag, advertising the latest in arse-intruding dildos. You sell it with, I dunno, "does what no other dildo can do until now", "the latest and greatest in sexual technology", "guaranteed results or your money back", all that bollocks. Now these dils cost twenty-five quid a pop - that's a snip for the amount of pleasure they're gonna give the recipients. But they send their cheques to the other company name, nothing offensive, er, "Bobbie's Bits" or something, for twenty-five quid. You take that twenty-five quid, you stick it in the bank until it clears. Now, this is the smart bit - you send back the cheque for twenty-five pound from the other company name, "Arse Tickler's Faggots Fan Club", saying we're sorry, we couldn't get the supplies from America because they ran out of stock. Now you see how many people cash that cheque - not a single soul, because who wants their bank manager to know they tickle arse when they're not paying cheques?
Bacon: So how long do you have to wait until you see a return?
Tom: Probably no more than four weeks.
Bacon: A month? So, what fucking good is that if we need it in six - no, five days?
Tom: Well, it's still a good idea.
Our taxes pay agencies boasting their purported capability to do just that. If they let bot-herders proliferate for years, how are they supposed to be more efficient against terrorists not entirely dissimilar in organization (and with the first able to turn into the latter at any time by using/"renting out" their botnets as Weapons of Mass Disruption e.g. for DDoS attacks against critical infrastructures)?