Is Your PC Sending Viagra Spam Behind Your Back?
Wed Dec 3,12:14 PM ET

By Bernhard Warner, European Internet Correspondent
LONDON (Reuters) - Security experts have identified what they suspect to be the biggest culprit behind that seemingly unceasing torrent of e-mail spam messages and computer virus outbreaks.

The unwitting culprit, they say, is the home user with a broadband, or always-on, connection. In fact, it could be you.

Viruses and related "worms" typically target computers that run on Microsoft Windows and have a high-speed broadband connection. In the past six months, a new generation of bug has emerged that contains a so-called "trojan" program which discreetly installs itself into the innards of the PC.

An effective "trojan" gives the author near complete control of a victimized machine -- almost always a computer that is not equipped with proper firewall and security software.

The result is that the computer becomes a "zombie" ready to carry out any nefarious command.

Once hit, a computer user would never suspect that through their machines flow waves of spam and e-mail-borne viruses, experts say.

Some machines have even been commandeered to participate in debilitating "denial of service" attacks, sending a flood of data requests capable of knocking an internet company offline.

The fast-spreading Sobig.F virus this summer was the first to do this, experts said.

CHURCH-GOERS CAUGHT IN THE ACT

Suresh Ramasubramanian, manager of Hong Kong-based e-mail filtering company Outblaze, said the volume of spam his firm has intercepted has exploded since Sobig.F emerged in August.

Increasingly, it appears to be average home users whose PCs send out discounts for Viagra and penis-enlargement offers. "These are your typical church-going people," he said.

With countries outlawing spam and even setting criminal penalties and fines, some industry observers wonder if ordinary computer users will get caught up in a dragnet.

"Almost a third of all spam is being sent from hijacked, innocent computers," said Graham Cluley, of British virus and spam-filtering firm Sophos.

"What happens if it's actually grandma or little Timmy's computer sending out the spam?"

ONLINE BLACKMAIL

British police recently warned that crime syndicates, many in Eastern Europe, are using denial of service attacks (news - web sites) to blackmail businesses, threatening to knock them offline unless they pay a small fee.

These groups are honing their virus-writing skills to build up an army of machines to use at their beck and call, investigators say. For now, sending spam through an affected machine is more common.

It is one of a series of new tricks spammers and virus writers have devised to obscure their tracks. Known spammers are often blocked by spam filters, thus making it crucial to mask their identity through a computer user with a clean record.

Steve Linford, founder of the spam-fighting organization The Spamhaus Project, said his firm has gathered evidence of spammers hosting Web sites that hawk everything from prescription drugs to pornographic images to Russian brides on hundreds of thousands of Internet-connected PCs.

A spammers' Web site hops from infected computer to infected computer in a digital version of cat-and-mouse. Linford estimates the ranks of machines capable of piggy-backing sex sites and the like grows by 100,000 machines per week.

"Every time we trace to a Viagra web site now, the site will change location, sometimes every five to 10 minutes," he said. "It's a very popular spamming method."