Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Spam as a business

September 26th 2006 in Uncategorized

Seen on the Microsoft Switzerland Security Blog:
http://news.bbc.co.uk/1/hi/technology/5371078.stm

"Analysis of the net addresses where the e-mail messages originated showed that more than 100,000 hijacked home computers [my emphasis] spread across 119 nations had been used to despatch the junk mail."

Do you have a home computer? A broadband connection? Then the spammers want your machine, and if you give them the chance, they will use it.  Get thee a firewall and get thee patched (my networks were hammered by employment spam that was being sent via home PCs compromised via the vulnerability patched by MS06-040).

Coincidentally, Trend has released a product called Intercloud, specifically addresses the mounting threat posed by botnets—networks of compromised machines that can be remotely controlled by an attacker:
http://www.trendmicro.com/en/about/news/pr/archive/2006/pr092506.htm

Hopefully such technology will, over time, help reduce the damage caused by home based spambots and other zombies.  Its always been a major problem that home based PCs, and their users, do not have an IT department to oversee a system's security and health status.  Now ISPs will hopefully find it easier to detect, and neutralise, such compromised systems.  I can only hope that the ISPs also take steps to educate their users.  Just cutting them off isn't going to fix anything unless the users infected are also taught how to not only clean their system, but avoid being infected again in the future.


Comments are closed.

A patch for the high profile VML Vulnerability has been released by Micrososoft. It resolves not only the public vulnerability but also additional issues discovered through internal investigations.  It is available via Windows Update, Microsoft Update, Autoupdate and WSUS.It only applies to IE5 and IE6 machines.  IE7 is immune to this (and most other) vulnerabilities.Security […]

Previous Entry

3sharp, a Redmond based technical services company, has been commissioned by Microsoft to undertake a competitive study of various anti-phishing technologies.  The results of that study were released just minutes ago.The IE team comment on the study:http://blogs.msdn.com/ie/archive/2006/09/28/774513.aspx Before we proceed, I will say, right at the outset, that the only safe antiphishing technology is one that […]

Next Entry

Archives