All the latest UK technology news, reviews and analysis
|
|
|
24 May 2006
A botnet of more than 150,000 compromised PCs was responsible for subjecting UK businesses to a flood of more than 250 million spam emails last weekend.
Security services company BlackSpider Technologies said that the spam deluge began over the weekend and peaked on Monday 22 May.
The emails are still being distributed by the botnet, according to BlackSpider, but in fewer numbers.
Although the content of the emails varied, each one contained a link to one of several websites selling 'pharmaceutical' products.
The subject lines and body text contained obfuscated names of drugs, ending with a poem or paragraph of random obfuscating words. An example can be seen below.
The sheer volume of junk emails is potentially crippling for anti-spam service providers and anti-spam products, BlackSpider warned, and comes only a week after anti-spam firm Blue Security was forced out of business by a spammer known as 'PharmaMaster'.
Blue Security's Blue Frog anti-spam service, however, has been resurrected by an internet community.
James Kay, chief technology officer at BlackSpider, said: "In security terms, spam is an old problem and it's easy to become complacent and assume that the battle is already won.
"But this is simply not the case, especially with botnets being able to activate huge armies of compromised PCs at will.
"Blue Security found this out the hard way and I'd be very surprised if this latest attack hasn't already crashed another anti-spam service provider."
An example email reads:
Subject: Re: test CtqALLlS
Body text:
Hi,
P R O Z ^ C
S O M ^
X ^ N A X
C / A L / S
V / A G R A
V A L / U M
A M B / E N
L E V / T R A
M E R / D / A
[URL removed]
It cannot be seen, cannot be felt,
Cannot be heard, cannot be smelt.
It lies behind stars and under hills,
And empty holes it fills.
It comes first and follows after,
Ends life, kills laughter.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
A global consultancy is looking for a technical IT infrastructure...
External Technical Engineer, Rochdale This Lancashire...
Contract: L3 Solaris Administrator - Stockholm, Sweden...
C# or VB.NET Senior Developer / Team Leader x 2- Manchester...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
spambots
more worryingly, they are being sent out with a return address whihch is a random collection of letters "@" a real address. I have a personal email address off my own web address, and all of a sudden I got hundreds of "mail returned" emails, to addresses that do not exist. That means many times more have got through, all of which appear to have come from my domain. Not nice. In my view those whose PCs are taken over have a responsibility, and should be sued for computing irresponsibly ( a bit like careless driving). Web access provider has some responsibility for "usualness". If a client suddenly sends out 1000 emails, it should flag a stop notice until investigated.
Posted by: jim 03 Jun 2006
SPAM
I've been getting SPAM just like this (in much less significant quantities) at my workplace in the States
Posted by: i.hate.pharmamaster 27 May 2006