Not your problem? Think again!

What quite some people - me including - have been suspecting and thinking all along, seems to have been proven today : there is a strong connection between spammers and virus distributors. While you might still argue that the oppurtunity makes the thief, I think the article below shows clearly that spammers and virus distributors are becoming more professional and join forces to accomplish their goals.

This is the original C'T Magazine article (in german) and here are english translations of it : Uncovered: Trojans as Spam Robots, Trojans and Spam.

As you might have noticed, I specifically said "virus distributors" not "virus creators" even though that in some cases, they might be one and the same person. However, what we see more and more is that the creation is done and the code published as proof-of-concept by the author, where other parties distribute the code and bring the virus to life in a real environment. Whether that was or wasn't the intention of the virus author remains to be seen, and while the statement "if you create a virus you will want to release it too" seems to be the most popular right now, I'm not sure I agree with it.

Cars can be used to transport from point A to B (and save people), but they also can be used as weapons (mass destruction, anyone?) and take lives. It's not the object itself that is "evil" or "bad" but the way it is used that causes a certain result. Same goes for viruses as far as I can see. While right now most virus code is (ab)used in damaging way, I'm certain quite some technical characteristics of the code can be used for good things too.

Well, I got a bit side-tracked there, didn't I? What point was I trying to make? Ah... I remember. The professionalisation of spamming. Back in the days, a spammer got himself (or herself) a dial-up account, and started sending out UCE and UBE (spam) mails to thousands of people. Now that official institutions are putting (so far inefficient) laws into place, and companies are launching spam blocking software and filters, spammers need to revert to other options. After they started running their own networks and set up their own ISP's, the next step is a constant abuse of unprotected resources on the internet.

More and more machines are permanently connected, but although the machines have become faster and more stable, the users have not, even on the contrary. Each day thousands if not millions of new machines join the web, but the owners/users have had no training, or don't have a clue about where they stick their head in. Whether or not that is due to the flaws of computers and their operating systems, or due to the stupidity of the users, or a lack of "official" education is besides the point, because the end result is the same : another resource ripe for picking and abuse.

As spammers need this new can of resources to stay open and remain accessible at all time, they need a constant flow of new exploits as well. Since they can't do it themselves (yet?) they rely on others to do the dirty work : infect the machines.

As I said before, right now there still are three parties involved :

virus creator - virus distributor - spammer

but how long will it take before the virus creators realize that their "hard work" is abused by both the distributor and the spammer? Quite a few authors will stop publishing their proof-of-concept code on the web, or provide it for analysis to AV companies before they publish it openly. Others will cut out the middle man and request payment from the spammers and/or create specially crafted code for a hefty price. After the code/virus is written and sold, the spammer calls in the distributor to let the beast loose.

Where do we start in fighting all this? I honestly wouldn't know, but legislation is not the answer. Professional spammers don't care about laws, that should be obvious. I think the only way to get a grip on the problem is to educate the users... but that is not a simple fix or short term solution.

It'll take at least 2 generations to change the attitude, so don't expect spam to go anywhere in the next 50 years. Except in your inbox that is.

Monthly Archives


OpenID accepted here Learn more about OpenID
Powered by Movable Type 5.04

About this Entry

This page contains a single entry by ServMe published on February 21, 2004 9:06 PM.

He does indeed have a point was the previous entry in this blog.

DVD here I come! is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.