Weblogs: Spam

Desperate spammers resort to viruses

Friday, August 29, 2003

The Internet and its killer application - email - are rapidly heading towards a showdown that will determine email's future on the World Wide Web. On one side is the collection of anti-spam groups and individuals trying to protect what remains of their email infrastructure, and on the other are the spammers who believe it is their sole right to send email to whomever they want.

Email meltdown on the cards

Steve Linford, Director of Spamhaus, has been quoted in a number of news sources as saying that email faces a meltdown within six months (my previous blog entry covers this). This statement rests largely on the phenomenal increase in spam levels reported by MessageLabs. So far, Steve's opinion is looking more and more likely with every passing week. Three months down the line, another spam avenue has opened up.


SoBig. Many of the world's email systems have been laid to waste by the newest incarnation of the SoBig series of worms. Targeting Outlook and Outlook Express users, this virus replicates by sending itself to any email address it can get its hands on - from the address book to web caches. The SoBig.F variant is now the fastest spreading virus ever.

SoBig.F is replicating fast enough to warrant news articles questioning the future viability of email - the first public concerns of an email meltdown.

Viruses and spammers - two symbiotic parasites

So what has this to do with spammers? Well, interestingly enough, one of the features of SoBig.F is to set itself up as an open mail relay. With millions of open relays running on millions of broadband connections, spammers now have more open relays than they know what to do with.

Creating open relays on users' computers is certainly a desperate measure for spammers. It can be taken as a sign that open-relay blocking is actually working and causing serious problems for spammers - problems serious enough for them to break the law by breaking into users' computers.

And SoBig.F isn't the first time spammers have used viruses as a means of creating new open relays.

Distributed Denial of Service attacks

On a more sour note, spammers have launched an all-out DDoS attack on sites offering blacklists, which are used as a basis for email filtering. So far Joe Jared's highly regarded Osirusoft has been forced to close down under the weight of the attacks. This means that SPEWS - the much feared and most effective blacklist against spammers - cannot be queried at the moment.

The attacks haven't stopped with that casualty: more blacklists are now under continued spammer-backed attack, among them Spamhaus and ORBS - two more highly regarded publishers of blacklists.
