A botnet of more than 150,000 compromised PCs was responsible for subjecting
UK businesses to a flood of more than 250 million spam emails last weekend.
Security services company
BlackSpider
Technologies said that the spam deluge began over the weekend and peaked on
Monday 22 May.
The emails are still being distributed by the botnet, according to
BlackSpider, but in fewer numbers.
Although the content of the emails varied, each one contained a link to one
of several websites selling 'pharmaceutical' products.
The subject lines and body text contained obfuscated names of drugs, ending
with a poem or paragraph of random obfuscating words. An example can be seen
below.
The sheer volume of junk emails is potentially crippling for anti-spam
service providers and anti-spam products, BlackSpider warned, and comes only a
week after anti-spam firm
Blue Security
was forced out of business by a spammer known as 'PharmaMaster'.
Blue Security's
Blue
Frog anti-spam service, however, has been resurrected by an internet
community.
James Kay, chief technology officer at BlackSpider, said: "In security terms,
spam is an old problem and it's easy to become complacent and assume that the
battle is already won.
"But this is simply not the case, especially with botnets being able to
activate huge armies of compromised PCs at will.
"Blue Security found this out the hard way and I'd be very surprised if this
latest attack hasn't already crashed another anti-spam service provider."
An example email reads:
Subject: Re: test CtqALLlS
Body text:
Hi,
P R O Z ^ C
S O M ^
X ^ N A X
C / A L / S
V / A G R A
V A L / U M
A M B / E N
L E V / T R A
M E R / D / A
[URL removed]
It cannot be seen, cannot be felt,
Cannot be heard, cannot be smelt.
It lies behind stars and under hills,
And empty holes it fills.
It comes first and follows after,
Ends life, kills laughter.
Do you agree?
Have your say on this article