Is Your PC Sending Viagra Spam Behind Your Back?
Wed Dec 3,12:14 PM ET
By Bernhard Warner, European Internet Correspondent
LONDON (Reuters) - Security experts have identified what they suspect to
be the biggest culprit behind that seemingly unceasing torrent of e-mail
spam messages and computer virus outbreaks.
The unwitting culprit, they say, is the home user with a broadband, or
always-on, connection. In fact, it could be you.
Viruses and related "worms" typically target computers that run on
Microsoft Windows and have a high-speed broadband connection. In the past
six months, a new generation of bug has emerged that contains a so-called
"trojan" program which discreetly installs itself into the innards of the
PC.
An effective "trojan" gives the author near complete control of a
victimized machine -- almost always a computer that is not equipped with
proper firewall and security software.
The result is that the computer becomes a "zombie" ready to carry out any
nefarious command.
Once hit, a computer user would never suspect that through their machines
flow waves of spam and e-mail-borne viruses, experts say.
Some machines have even been commandeered to participate in debilitating
"denial of service" attacks, sending a flood of data requests capable of
knocking an internet company offline.
The fast-spreading Sobig.F virus this summer was the first to do this,
experts said.
CHURCH-GOERS CAUGHT IN THE ACT
Suresh Ramasubramanian, manager of Hong Kong-based e-mail filtering
company Outblaze, said the volume of spam his firm has intercepted has
exploded since Sobig.F emerged in August.
Increasingly, it appears to be average home users whose PCs send out
discounts for Viagra and penis-enlargement offers. "These are your typical
church-going people," he said.
With countries outlawing spam and even setting criminal penalties and
fines, some industry observers wonder if ordinary computer users will get
caught up in a dragnet.
"Almost a third of all spam is being sent from hijacked, innocent
computers," said Graham Cluley, of British virus and spam-filtering firm
Sophos.
"What happens if it's actually grandma or little Timmy's computer sending
out the spam?"
ONLINE BLACKMAIL
British police recently warned that crime syndicates, many in Eastern
Europe, are using denial of service attacks (news - web sites) to
blackmail businesses, threatening to knock them offline unless they pay a
small fee.
These groups are honing their virus-writing skills to build up an army of
machines to use at their beck and call, investigators say. For now,
sending spam through an affected machine is more common.
It is one of a series of new tricks spammers and virus writers have
devised to obscure their tracks. Known spammers are often blocked by spam
filters, thus making it crucial to mask their identity through a computer
user with a clean record.
Steve Linford, founder of the spam-fighting organization The Spamhaus
Project, said his firm has gathered evidence of spammers hosting Web sites
that hawk everything from prescription drugs to pornographic images to
Russian brides on hundreds of thousands of Internet-connected PCs.
A spammers' Web site hops from infected computer to infected computer in a
digital version of cat-and-mouse. Linford estimates the ranks of machines
capable of piggy-backing sex sites and the like grows by 100,000 machines
per week.
"Every time we trace to a Viagra web site now, the site will change
location, sometimes every five to 10 minutes," he said. "It's a very
popular spamming method."
|