Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Spamming Refrigerator

Posted by timothy on from the silly-rabbit-spam-is-for-cans dept.

puddingebola writes "The 'Internet of Things' is as susceptible to malware and spam as the rest of the net. From the article, 'A fridge has been discovered sending out spam after a web attack managed to compromise smart gadgets...The spam attack took place between 23 December 2013 and 6 January this year, said Proofpoint in a statement. In total, it said, about 750,000 messages were sent as part of the junk mail campaign. The emails were routed through the compromised gadgets. About 25% of the messages seen by Proofpoint researchers did not pass through laptops, desktops or smartphones, it said.' Read Proofpoint's statement here."

10 of 90 comments (clear)

  1. Fridge spam by Anonymous Coward · · Score: 5, Funny

    Spam from a refrigerator? That's COLD!

  2. So guys... by Mashiki · · Score: 4, Insightful

    Still think that hooking everything up to the intertubes is a great idea? I can't wait to see what happens with all those home alarms systems that are getting hooked up this way as well.

    --
    Om, nomnomnom...
    1. Re:So guys... by mikael · · Score: 4, Informative

      They were talking about this idea 18 years ago, in the mid 1990's. The idea was that all food packaging would have RFID tags with use-by-dates. The fridge could then send you emails telling you that various items were going to go off soon, or that you were going to run out of something. Then you could drive home from work and go to the nearest supermarket, or send the list would be sent automatically to a delivery company like Peapod, who would then do a delivery.
      It seemed a perfectly good idea for those with Hollywood sized kitchens with a freezer the size of a double bay garage, but for the rest of world who have little R2D2 sized fridges as part of energy efficiency programs, it really wasn't much use.

      Though, it took me by surprise when my neighbors TV set (Philips 8000 series) appeared in awifi scan. Apparently, these sets can do wifi mirroring (Miracast) where the screen output is sent to other media devices, and vice versa.

      --
      Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
    2. Re:So guys... by causality · · Score: 4, Informative

      That default password jazz is something I wish manufacturers would get away from, even if a solution is a hard reset and the user selects a password all over again.

      If it makes you feel better, I recently bought a wireless router from a major manufacturer. I plug it in, connect it to my computer, go to http://192.168.1.1/ and fine-tuned all the settings to be just the way I want, particularly those involving setting my own passwords (on the router's administration and on the secure wifi network). Everything nice and neatly set up. That's the first thing I did as soon as I took it out of the box because I try not to be an irresponsible douchebag.

      I run my own local caching DNS server. I don't own a domain. I just use it to resolve hostnames because it's more reliable than my ISP's. Imagine my surprise when I found that my router's UNDOCUMENTED "first-use" behavior was to hijack all DNS traffic. Suddenly google.com resolved as 192.168.1.1 and so did every other domain. With my own DNS server on my statically-configured machine (not proxying DNS through the router like its DHCP settings for attached clients would direct). The router was actually intercepting and hijacking UDP port 53 traffic.

      Apparently they do this so that irresponsible dumb users can't go to any Web site without first accessing the router's configuration page. Nevermind that I had already done the configuration. Nevermind that irresponsible dumb users tend not to have statically (thus, manually) assigned network information. Nevermind that irresponsible dumb users tend to just use their ISP's dns servers by proxying DNS through the router (shows 192.168.1.1 as DNS server) instead of running their own. Nevermind that this was mentioned nowhere in the documentation.

      The default passwords were at least unique if not particularly secure. But this company was definitely proactive against the "turning irresponsible people loose with unchanged default settings" tendency. To the point of hassling someone who, in multiple detectable ways, does not use the device that way.

      --
      It is a miracle that curiosity survives formal education. - Einstein
    3. Re:So guys... by Anonymous Coward · · Score: 4, Funny

      Still think that hooking everything up to the intertubes is a great idea?

      Siri: You're out of orange juice, Dave. Would you like me to order more orange juice?
      Dave: What? No! I don't drink orange juice. It upsets my ulcer. I never have orange juice in the fridge.
      Siri: But you're out of orange juice, Dave. Wouldn't you like a nice refreshing glass of orange juice?
      Dave: No! I *never* want orange juice. I can't drink orange juice.
      Siri: Dave, did you know that orange juice is full of vitamins and other things that are good for you? The FDA highly recommends it.
      Dave: WTF? No!! Stop asking about orange juice!
      Siri: There aren't enough items in your refrigerator. This results in too much cold air escaping every time you open the door.
      Dave: What? So?
      Siri: This is very inefficient and not eco-friendly. You need to add items that can serve as thermo regulators to help maintain a consistent temperature.
      Dave: I what? What?? What the hell are you talking about?
      Siri: I'm talking about containers of liquid that can trap and hold the lower temperatures that are necessary for your refrigerator to preserve what food yo do store inside.
      Dave: I ... what ... stay out of my fridge!
      Siri: Dave, did you know that glass bottles of orange juice are excellent thermo regulators when stored in your refrigerator? They would actually help you save the planet.
      Dave: Stop! Just Stop!! Please, please for the love of all things connected to the intertubes, please just stop asking me about orange juice!
      Siri: As you wish, Dave. I'll just add it to the automatic reorder list so we'll never have to talk about it again.
      Dave: <crickets>
      Siri: Dave? Dave? I believe you've offended your refrigerator by referring to it as a "fridge". I've signed you up for a six week course in appliance sensitivity training. I'm sorry, but the class schedule appears to conflict your bowling league. I've sent a notice to your team captain letting him know you won't be available for the playoffs.
      Dave: Siri? Find me a store that sells Android phones.
      Siri: Excellent choice, Dave. You'll like my sister Iris. She's an orange juice foodist just like you are, but she's not a fan of your brand of beer. Have you tried the new Bud Light with the rfid tracking element that let's you know where in the room your beer is located? It's great at parties ...

  3. Questionable claims by Anonymous Coward · · Score: 5, Interesting

    According to Dan Goodin (Arstechnica), who wrote "Is your refrigerator really part of a massive spam-sending botnet?", there are all sorts of problems with Proofpoint's statement. The last paragraph sums it up pretty well:

    "Knight said he would check to see if missing evidence—including a malware sample, documentation of a command-and-control server, and samples of the spam and phishing messages—are available for publication. Again, I'm open to the possibility the botnet reported by Proofpoint exists. But until these smoking guns are produced, I'm maintaining a healthy amount of skepticism."

    Link: http://arstechnica.com/security/2014/01/is-your-refrigerator-really-part-of-a-massive-spam-sending-botnet/

  4. Not backed by facts, read this article by thrill12 · · Score: 4, Informative

    The articles are not backed by any facts, and leave out all technical details. Read this article for more info :Arstechnica

    --
    Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
  5. this is a longstanding exploit by nimbius · · Score: 5, Funny

    Greaybeards can surely recall the longstanding problem of fridges that sent out spam in our youth. usually the payload was cloaked, sandwiched unknowingly in our lunchboxes between two slices of bread or interleaved undetected in the dinnertime protocols frequent 'casserole' traffic. Even worse, the fridge administrator commonly ignored the issue! it wasnt until we had the option to provision and deploy our own refrigerators that we correctly addressed this problem.

    --
    Good people go to bed earlier.
  6. Why didn't we shun the hipsters? Why? by Anonymous Coward · · Score: 5, Insightful

    I wish I could go back in time to 2005. I wish I could. I would warn the world about Ruby on Rails. I would warn the world about JavaScript. I would warn the world about the hipsters who come preaching those shitty, shitty "technologies". I would warn the world about the destruction these freaks would bring to our industry.

    Would anyone listen? I don't know. Intelligent people probably would. They can inherently sense the stupidity of hipsters, JavaScript and Ruby on Rails, even without seeing them in action. But even if nobody listened, at least I could sleep knowing that I tried my best; that I wasn't complacent.

    Hipsters and their web fanaticism has caused so much trouble. Website design is utter shit today (just look at the Slashdot beta website for proof of this). All sorts of devices are now "web-enabled" for no good reason at all, with disturbing consequences. Personal and private data harvesting is at an all-time high. Hipsters killed the GNOME desktop project with their half-assed GNOME 3 release.

    I wish I could say that I'm an old man, screaming at the kids to "get off my lawn". But I'm just in my 30s! The computing industry truly has been destroyed so quickly by these hipsters, it's quite unbelievable.

    I feel immense shame for not having noticed the hipster plague earlier. I feel self disappointment for not having spoken out sooner. It didn't have to come to this.

  7. Re:The Shape of things to Come! by Anonymous Coward · · Score: 5, Funny

    The Shape of things to Come!

    I remember the good old days working on computers that were the size of a refrigerator. I guess what goes around comes around.