StarDestroyer.Net BBS

Posted: **2006-12-18 05:24am**

At least if the following article is anything close to accurate:
Sturdier Botnets Mean More Spam In 2007

First three paragraphs

Gregg Keizer wrote:
The late-2006 appearance of durable botnets was a tipping point in the back-and-forth battle against spammers, an industry analyst said Friday, who predicted that spam will continue to gain ground on defenses.

Assembled by a Trojan called SpamThru, the new botnets are tougher to bring down, says Paul Wood, senior analyst with MessageLabs, a message security and filtering service. "The advent of Trojans like SpamThru makes it possible for each bot in the net to learn about the location of other bots. When a bot goes down or the command and control channel is compromised, the other bots know about it."

In SpamThru's techniques, if a control server is shut down, the spammer can easily update the rest of the bots with the location of a new server as long as he controls at least one bot in the net. And if a specific bot is shut down, its spam load can be quickly shifted to another, as-yet-undiscovered, bot.

Posted: **2006-12-18 08:05am**

It all gets down to people who open their attachments like monkeys, or use Outlook Express.

And this article is one-sided. It only tells about what spammers have, nothing about defence measures.

Posted: **2006-12-18 10:32am**

How much does spam cost the economy? Is it enough to justify a presidential "finding" for the CIA to "investigate" the people in charge?

Posted: **2006-12-18 04:16pm**

It seems that every so often I run across another article claiming that spam is going to get worse. On my email accounts, including the ones where I expect spam, I've yet to see that.

Wood also worries about a boost in "ransomware," the practice where criminals gain access to a computer, encrypt some or all of its data files, and then send e-mails demanding payment in return for the key that unlocks the documents.

I'd never heard of this before, but backups should protect you from this.

Posted: **2006-12-18 04:18pm**

I support execution for spammers.

Posted: **2006-12-18 04:23pm**

Tolya wrote:
And this article is one-sided. It only tells about what spammers have, nothing about defence measures.

What defense measures? Reducing the amount of people who use Outlook express?

Most defensive measures are useless in the hands of idiotic users, and shutting down these nets is getting to be impossible.

Posted: **2006-12-18 04:27pm**

bilateralrope wrote:It seems that every so often I run across another article claiming that spam is going to get worse. On my email accounts, including the ones where I expect spam, I've yet to see that.

On the contrary, most of the people I talk to have reported an increase in spam over the past six months.

Posted: **2006-12-18 04:34pm**

Darth Wong wrote:On the contrary, most of the people I talk to have reported an increase in spam over the past six months.

My Gmail account has shown a marked increase in the size of its spam folder recently and my university's email servers are currently overloaded due to the sheer amount of spam they have to process.

Posted: **2006-12-18 04:38pm**

Uraniun235 wrote:How much does spam cost the economy? Is it enough to justify a presidential "finding" for the CIA to "investigate" the people in charge?

According to Wiki, please add salt -

The California legislature found that spam cost United States organizations alone more than $10 billion in 2004, including lost productivity and the additional equipment, software, and manpower needed to combat the problem.

Posted: **2006-12-18 04:42pm**

Just for reference, a gigantic map of the email spam infrastructure as per 2002, it has only gotten worse. Source.

Posted: **2006-12-18 04:47pm**

phongn wrote:
Darth Wong wrote:On the contrary, most of the people I talk to have reported an increase in spam over the past six months.
My Gmail account has shown a marked increase in the size of its spam folder recently and my university's email servers are currently overloaded due to the sheer amount of spam they have to process.

Ditto. Over what seemed like overnight my gmail's spam increased from two or three hundred a month to two-three hundred per day.

Posted: **2006-12-18 04:57pm**

I get over a hundred spam e-mails a day in my Gmail account. About half of it is due to my university account being set to redirect to Gmail.

Posted: **2006-12-18 07:00pm**

Wow, massive botnets comprised of compromised computers!

I wonder which OS they're using that could be so insecure.

Posted: **2006-12-18 07:25pm**

I hadn't even noticed because Google's spam filter is so good, but my spam folder has doubled in size since the last time I looked at it.

Posted: **2006-12-18 07:27pm**

Azazal wrote:
Uraniun235 wrote:How much does spam cost the economy? Is it enough to justify a presidential "finding" for the CIA to "investigate" the people in charge?
According to Wiki, please add salt -
The California legislature found that spam cost United States organizations alone more than $10 billion in 2004, including lost productivity and the additional equipment, software, and manpower needed to combat the problem.

That's enough for me. I say we unleash the CIA to go crack spammer skulls abroad.

Posted: **2006-12-18 07:41pm**

Xisiqomelir wrote:Wow, massive botnets comprised of compromised computers!

I wonder which OS they're using that could be so insecure.

Come off it. If Mac was somehow the OS of choice, hackers and malware writers would just compromise it instead. Lack of interest on the part of attackers doesn't equal impregnability.

Posted: **2006-12-18 07:45pm**

Rogue 9 wrote:ICome off it. If Mac was somehow the OS of choice, hackers and malware writers would just compromise it instead.

This is the notion of security through obscurity. Do you have a positive proof instead of conjecture and insinuations? Please remember that we've yet to see a real OS X virus in the wild.

Posted: **2006-12-18 08:04pm**

Xisiqomelir wrote:
Rogue 9 wrote:ICome off it. If Mac was somehow the OS of choice, hackers and malware writers would just compromise it instead.
This is the notion of security through obscurity. Do you have a positive proof instead of conjecture and insinuations? Please remember that we've yet to see a real OS X virus in the wild.

How many OS X servers exist, out of curiousity?

Posted: **2006-12-18 08:19pm**

Rogue 9 wrote: Come off it. If Mac was somehow the OS of choice, hackers and malware writers would just compromise it instead. Lack of interest on the part of attackers doesn't equal impregnability.

this really isn't a very good argument

Posted: **2006-12-18 08:24pm**

OS X Server is not that commonly deployed, AFAIK. Linux and Windows Server are rather more popular solutions.

As far as Mac viruses go, Leap-A came out recently and there was the WLAN DOS attack. Secundia also indicates that there remain some unresolved security issues in OS X.

Uraniun235 wrote:
Rogue 9 wrote: Come off it. If Mac was somehow the OS of choice, hackers and malware writers would just compromise it instead. Lack of interest on the part of attackers doesn't equal impregnability.
this really isn't a very good argument

It's a fairly poor argument but ROI for Macintosh malware is significantly less than Windows due to the huge masses of poorly-administered and open computers.

Posted: **2006-12-18 08:30pm**

phongn wrote:As far as Mac viruses go, Leap-A came out recently and there was the WLAN DOS attack.

Leap-A is not a virus.

The attack was for Airport hardware, which hasn't been sold for years now.

Posted: **2006-12-18 08:51pm**

As bizarre as it is for me to agree with Shep...the death penalty, or at the very least extremely harsh fines, does sound like the best way to handle this.

Posted: **2006-12-18 08:56pm**

Xisiqomelir wrote:Leap-A is not a virus.

Well, it's more a trojan but it does attempt code injection into other applications.

The attack was for Airport hardware, which hasn't been sold for years now.

Really now.

Posted: **2006-12-18 09:03pm**

phongn wrote:
Xisiqomelir wrote:Leap-A is not a virus.
Well, it's more a trojan but it does attempt code injection into other applications.

Still, not a virus. I'm not going to get Leap-A by just sitting there, I'd have to go out and look for latestpics.tgz, try to open it, then click "accept" when it tried to run.

The attack was for Airport hardware, which hasn't been sold for years now.
Really now.

Oh sorry, I thought you were erroneously mentioning this, my mistake. This isn't even malware, though.

Posted: **2006-12-18 09:10pm**

Xisiqomelir wrote:Still, not a virus. I'm not going to get Leap-A by just sitting there, I'd have to go out and look for latestpics.tgz, try to open it, then click "accept" when it tried to run.

For that matter, viruses don't silently infect new systems either - they require user-action of some sort. Worms are the ones that self-replicate across networks.

this, my mistake. This isn't even malware, though.

Well, no, it was merely an example of a security issue on a Mac.

StarDestroyer.Net BBS

Spam? You've ain't seen anything yet.

Spam? You've ain't seen anything yet.

Re: Spam? You've ain't seen anything yet.

Re: Spam? You've ain't seen anything yet.

Re: Spam? You've ain't seen anything yet.

Re: Spam? You've ain't seen anything yet.

Re: Spam? You've ain't seen anything yet.