Slashdot Mirror


Rustock Botnet Responsible For 40% of Spam

angry tapir writes "More than 40 percent of the world's spam is coming from a single network of computers that computer security experts continue to battle, according to new statistics from Symantec's MessageLabs' division. The Rustock botnet has shrunk since April, when about 2.5 million computers were infected with its malicious software that sent about 43 billion spam e-mails per day. Much of it is pharmaceutical spam."

19 of 250 comments

  1. Somebody by bobstreo · · Score: 5, Insightful

    Hunt them down and kill them all
    Please

    1. Re:Somebody by DWMorse · · Score: 4, Funny

      And then, unplug their computers.

      That's... that's what you meant, right?

      --
      There's a spot in User Info for World of Warcraft account names? Really?
    2. Re:Somebody by 228e2 · · Score: 4, Informative

      No.

      I know it's "crazy" to think that not everyone knows how to run a bare bones Linux distro and knows how to block all ports except for 80, 8080, and say 21-23. But believe me when I say that the majority of computer users are incredibly inept when it comes to basic computer security.

      Grandma will never be a network admin. Neither will your local elementary school teacher. Just because people run Windows out of the box and have no idea they are harboring an orgy of botnets, is it fair to call them criminals?

      --
      Since when does being a Socialist mean 'someone who has a different opinion than me'?
    3. Re:Somebody by Anne+Thwacks · · Score: 4, Insightful
      Starting with the pharma companies whose products are being promoted, and the credit card companies who process the transactions.

      (They are the low hung fruit.)

      --
      Sent from my ASR33 using ASCII
    4. Re:Somebody by selven · · Score: 5, Insightful

      I agree with hitting the pharma companies, but the credit card companies? I'd rather have them be neutral providers of monetary exchange services than have them decide what's legitimate and what isn't, just like ISPs should stay out of copyright enforcement.

    5. Re:Somebody by tibit · · Score: 4, Interesting

      You know what's really interesting in spam? For spam to pass the content filters, especially those based on statistical models of language, it has to have purposeful mistakes inserted all over the place. In the end, a piece of spam typically looks as if a stoned idiot wrote it. But now it seems that people who author the message in the first place became somehow infected by the stoned idiocy of their own messages.

      A few months ago I went through 300 non-scamming spam messages in my spam folder, and only managed to get to 5, I repeat, 5 payment screens. That means that most spam is pretty pointless: the websites it points to, if they haven't been left out (happens quite often), are mostly broken so that there's no way to actually pass any money to the spammer, even if you try really hard. Sometimes they superficially look like they may work, but when time comes to actually submit a payment, things are very likely to be broken. I have been testing stuff using virtual credit cards available from my bank, with very low limits -- below that of the payment amount. On a working site, you get some indication that the transaction was declined. In most places, though, there would be internal server errors, JavaScript errors preventing payment submittal, and all other sorts of problems.

      I think that bulk emailing operations are simply around to milk the spammers for money, and only the mailers make any money -- the spammers themselves seem too stupid to get any.

      It's quite hilarious.

      --
      A successful API design takes a mixture of software design and pedagogy.
  2. Voluptuous woman falls over heavy chest by Spewns · · Score: 5, Funny

    Make your girl happy with your long and huge meat machine.

    *link to .ru website*

  3. Oh PAH-LEEEZE by Frosty+Piss · · Score: 5, Insightful

    First and foremost, don't expect ANY help from the "security" companies like Symantec and the like, SOLVING this problem would mean the end to their extortion business.

    And, don't expect ANY help from the "white hats" in general, all they can do is walk in circles pontificating about how it would be unethical to hack these networks and bring them down.

    So really, the only solution is the possibility of someone with "black hat" skilz that wants to be paid to take the system down outside the "law".

    --
    If you want news from today, you have to come back tomorrow.
    1. Re:Oh PAH-LEEEZE by Nemyst · · Score: 4, Interesting

      Your wording seems to indicate contempt. White hats or security experts unfortunately have their hands tied. They probably know how to take down the botnet, but that involves illegal activity. While the criminals are hampered by no such things, the lawful guys are stuck with it: anything they'd do that would be essentially good would get them jailed.

    2. Re:Oh PAH-LEEEZE by Yvan256 · · Score: 5, Interesting

      So, Lone Star, now you see that evil will always triumph because good is dumb. - Dark Helmet

    3. Re:Oh PAH-LEEEZE by PatPending · · Score: 5, Funny

      >So really, the only solution is the possibility of someone with "black hat" skilz that wants to be paid to take the system down outside the "law".

      Hudson: Let's just bug out and call it even, OK? What are we talking about this for?

      Ripley: I say we take off and nuke the entire site from orbit. It's the only way to be sure.

      Hudson: Fuckin' A...

      --
      What one fool can do, another can. (Ancient Simian Proverb)
  4. anti-spam by bakamorgan · · Score: 4, Funny

    Find their IP address and sic 4chan on them maybe then something will get done.

  5. Really? by scdeimos · · Score: 5, Funny

    >More than 40 percent of the world's spam is coming from a single network of computers

    Yes, it's called the internet.

  6. Re:Pharmaceutical by compro01 · · Score: 5, Informative

    My accounts have been getting more offers of narcotics than genital enlargement in the past few months. Also got a few spams selling antibiotics, which is a new one, and even more reprehensible if they're genuine.

    --
    upon the advice of my lawyer, i have no sig at this time
  7. Re:Question by ScentCone · · Score: 4, Interesting

    >it would seem to me that the pharmaceutical companies that benefit from this ... should have responsibility in the computer crimes taking place here

    The overwhelming majority of the "pharmaceutical" ads in question are fraudulent. They're not actually selling Viagra. They're either selling knockoff placebos, or they're selling nothing at all, because they're just looking for naive suckers to visit a sketchy web site and cough up a credit card number or other details that can be used in identity theft schemes or similar crimes. Merck and the other actual makers of the real products would love nothing more than to shut this crap down.

    --
    Don't disappoint your bird dog. Go to the range.
  8. Friendly Reminder by DynaSoar · · Score: 5, Insightful

    "Maybe what we need are a few good old fashioned hangings." -- Commissioner Orson Swindell, Federal Trade Commission
      at the first FTC spam conference.

    --
    "I may be synthetic, but I'm not stupid." -- Bishop 341-B
  9. Stiffy In A Jiffy by soundguy · · Score: 5, Funny
    The best one I ever received was

    Subject: Stiffy In A Jiffy
    From: Erection Perfection

    --
    Nothing worthwhile ever happens before noon
  10. Re:Pharmaceutical by compro01 · · Score: 4, Insightful

    The spam is offering antibiotics such as linezolid, teicoplanin, daptomycin, and tigecycline, antibiotics that are reserved for highly resistant bacteria ("superbugs" like VRE and MRSA), not the stuff you can get from a veterinarian. These drugs being used inappropriately is a very bad thing.

    --
    upon the advice of my lawyer, i have no sig at this time
  11. Re:This is why we won't shut up. by silentcoder · · Score: 4, Insightful

    >Good luck with that. Of course once OUR Windows is dead it'll be YOUR machines sending us SPAM.

    No it won't. The "windows gets targeted only because it's biggest" argument is a fallacy - and an easily debunked one at that.

    Here's the REAL reason why you will never see much spam or trojans in the Linux world. Unlike our Windows counterparts, when we need an app for some task, we don't open an (insecure) browser, search around, find a .exe which we then RUN to install the program.

    We connect to a repository, which is run by software experts who have repackaged and tested the programs in question, the software gets downloaded automatically - the files are checked using digital signatures to prevent MitM attacks, and only then installed.

    Average computer users will never have the capacity of computer experts to tell trojans from useful apps, and either way have no viable means of determining if a particular install file is trustworthy without having already taken the risk, all while dealing with a browser/email combination that could do all this without them even being aware of it (though at least that has gotten better than it used to - remember I-Love-You, that's how bad Outlook once was!).
    Us GNU/Linux users pool our resources to have people who are skilled select and evaluate the apps in our repositories and make our selection from a set that's pre-vetted. We can choose on features and design without having to WORRY about "does it coincidentally install spyware which will later be installing a botnet", because the people who packaged the software have nothing to gain by not removing such, and everything to benefit from ensuring the trustworthiness of the software.

    Remove the capacity to write "installer programs" for Windows - create a repository (perhaps even a paid one - like Apple's app-store) and you solve the botnet problem. Trouble is, Microsoft unlike the GNU/Linux companies won't find the best way to keep their repo profitable is to be open to all comers who write useful software. Much like Apple, they'll end up using it to make sure nothing is available to their users that competes with their own products.
    The cure may be even worse than the disease - so I don't know if it's something to push for. What I can tell you is, as long as ordinary users are supposed to vet good from bad software (people who have ZERO training in how to tell the difference in other words) - botnets WILL proliferate. The problem isn't even so much OS-design (though it plays a role), it's the way software is managed on the two platforms.
    GNU/Linux simply has a software management concept that is by its very nature far, far more secure than Windows. It's not perfect - last year Fedora's repos were pwned temporarily - and they had to create and issue a full set of new keys to ensure the integrity of what they contained - but the problem was fixable without any customer ever being at risk. That's what GNU/Linux's repository concept does - it takes the task of risk assessment and gives it to people who are trained for the job so by definition they do it better.

    --
    Unicode killed the ASCII-art *