Spammers battle it out with antispam vendors

Spammers have become even nastier in the fight to maintain their income sources and are using malicious code to send unsolicited junk by piggybacking on mass mailing viruses to reach more addresses at rapid speed.

Accompanying this new trend are extraordinary strongarm tactics of attacking any organisation that stands in the way, particularly antispam Web sites which are being victimised by denial of service (DOS) attacks.

A number of companies that distribute Internet blacklists used by ISPs to block e-mail from known spammers have been forced to shutdown as a result of a relentless stream of DOS attacks. Trend Micro Australia product marketing manager Clive Wainstein said antispam Web sites such as spews.org, spamhaus.org and spamop.net have also been victims of "organised spamming syndicates".

Wainstein said the attacks are obviously commercially driven and are a sinister new tactic spammers are using to sell their wares.

He said a good example of spammers piggybacking on mass mailing worms is Mimail.F which pretends to be a meeting reminder from a colleague.

"Viruses are using spam tactics and spammers are using viruses; Mimail. F has infected a rising number of computers worldwide," he said.

It is likely that these methods are coming from more organised spamming syndicates. For example, Ron Guilmette shut down his blacklist after ongoing DOS attacks and his e-mail was spoofed to send pornographic images to one million e-mail accounts.

This prompted angry responses from recipients and made his independent software business look like a spam machine.

In recent months, he had ramped up his antispam efforts working with ISPs around the world to construct an "open proxy honeypot network" to locate spammers. It made him a key target.

"I came front and centre to the attention of the worst of the spammers; I'm done fighting spam. I didn't decide this. The spammers have done this for me by cutting off my business lifeline. I can't work if I can't connect to the Internet."

David Banes, MessageLabs Asia Pacific technical director, agreed spammers are using malicious code and said organised syndicates are typically located in Russia, China, South America and South Korea.

Banes said this new trend goes beyond their usual techniques of stealing bandwidth, installing open-proxy Trojans and spoofing e-mail.

"We see about 23 million spam messages a day; about 50 per cent of the e-mail traffic we see is spam," he said.

Join the newsletter!

Error: Please check your email address.

More about MessageLabsTrend Micro Australia

Show Comments