Tag: botnets

Herders' spurs are their keyboards

I once lived in Australia, and yes, since I am a brash American I spent most of my years there getting my ass kicked. But, the beer and wine were good, and I made some lifelong friends.

A group of them recently moved to Denver, and as it turns out they had kids and were using a new service I helped develop (Tot Jot) to keep the grandparents informed as to what the grandkids were up to. Much fun there, with the international connection – total coincidence, from 13,000 miles, but made me smile nonetheless. The other night, I was invited to dinner. They had just shipped in some outstanding lamb (apologies in advance to the veggie crowd – no, screw that, the meat was unbelievable). The guy who put the package together has a farm where he raises all sorts of four-legged, free-range animals. He rides a horse all day on thousands of acres rounding up his income.

It reminded me that Microsoft just released a new set of patches, and already the botnets are being rounded up for the attack.

I just purchased a new pair of boots for winter myself, but I don’t need spurs for them – I use a keyboard, attached to my everyday steed (a Powerbook), for my herding. And so it seems, do the malcreants.


Of course, Corporate America may just need to start issuing extra tack, if the attacks they now have to deal with are any indication.

CAN-SPAM can’t fine the bots

Nor find those ex-KGB agents.

Sophos just released its ‘dirty dozen’ spam relaying countries list, and the US still tops the charts.

Despite CAN-SPAM, which has produced arrests and fines, it seems it’s the average broadband-connected internet user who is contributing to the lead. The culprit: botnets. And the puppet masters (according to Sophos): Russians.

I thought the Cold War was over.

Spamming yourself

Still to be figured out – a potentially new spamming technique whereby the mail looks like it came from... you.

I am not going to speculate, as I’d have to go the conspiracy theory route, but if I did it would sound something like this: the numbers in the subject line are alien coordinates, which when the user opens up their email are broadcast via an unknown high frequency transmission through the insecure ports on your wireless hub (which is why authorities and the media are always blaming WiFi for everything).

We are all their operatives (unless you run WPA2 of course).

Signs of network pandemics on the front steps

First, a million-PC, trojan-spewing botnet is discovered hiding under the porch. While it is trying to get unsnagged from a stray nail (Uncle Bill never could use a hammer right), another botnet, slightly swifter at only 650,000 strong, runs up and knocks at the door.

I’d say turn off the computer, and pull out the M. Night Shyamalan movie collection. It is going to be a long year.

Purse snatching back in vogue

It used to be you watched out for purse snatchers and pickpockets at the mall, and only around the shopping season. Now you get to worry about them when shopping online. An army of botnets is doing exactly that – snatching personal information while you are loading your virtual shopping cart.

First while banking, and now while picking up Mother’s Day flowers. Well, at least it’s an excuse for forgetting (fear).

Having someone peer over your shoulder to catch your password as you typed never sounded so good.

Spammers’ tactics changing, not waning

Folks are debating whether spammers’ methods are stagnating, so I have to throw my uninformed two cents in. They are changing, that much is clear, but I think it is merely a shift based on market forces.

Spam filters are tightening up everywhere, so:

– You are seeing more plain text messages. And that plain text may be obfuscated, jumbled, or otherwise arranged to look like even more simple text like the alphabet, separated by carriage returns to keep dirty words like “pharma” from getting caught.

– Less use of HTML forms, and any semblance of scripts is disappearing.

– Botnets are being used, and since authorities and ISPs are catching on quickly, why bother with falsifying headers? Just use the email address of the poor infected sucker. The spammer’s tool will get cleaned up soon anyway, and why leave a trace of your method?

I see a return to the simple life for everyday spammers. It is a multi-level marketing game, and the top agents have bigger fish to fry. The kingpins can spend their time constructing sophisticated-looking phishing emails tagged with real digital certificates, while the little guy pushes p3nis pills.

Skype holes – Fact or FUD? (round two)

Researchers are saying that VoIP applications like Skype could be used for website attacks, and provide a way for malcreants to cover their tracks.

Unfortunately, they don’t actually say how this would all happen, preferring to describe a standard zombie/botnet network, and how criminals use them. And their suggestion to thwart this as yet undetailed weakness – publish VoIP network routing specifications and/or switch to open standards. Hmm.

Give the criminals a map? Or are these researchers secretly working for the fine and dandy traditional US telco providers?

Politico touts infections as promise

A British politico says there is great progress being made in ecommerce and broadband connectivity – the signs are there because the networks are clogged with botnets. I think most politicians are pretty clueless about tech – and they either can’t or won’t get competent advice on the subject. Nonetheless, calling mass botnet infections progress is ridiculous, particularly considering their harmful side effects – spam, identity theft, computer crashes, and lost productivity.

Maybe the UK government should look into licensing all its PC users.

You may be a phisher, and not even know it

The struggle to maintain security on the home PC takes a new twist once a machine is zombified. According to a recent report via a joint German/UK effort, phishers may likely be using your zombie machine to launch the spam attacks, but it doesn’t end there.

Phishers often use home computers to install URL redirection services, host phishing websites, as well as infect other machines that they can do the same to. As phishing attacks come and go like the wind, it is no wonder phishers don’t mind lending control of their offering to some grandmother’s Windows 98 box.

Among other things, Symantec says phishing up +300%

There has been a lot of chatter about the latest reports from Symantec about security issues. Some say it is valid, and folks should be on guard, while others say it is all FUD to sell product.

I don’t take security for granted, whether it be on a Mac, Windows or Linux, and neither should you.