For Mother's Day, Try Some Spam

May 12, 2007

As Mother's Day spam increases, researchers discover an unrelated application being used to control botnets in 54 countries.

Mother's Day is bringing an unwanted gift - spam.

According to researchers at security vendor Sophos, spammers have been trying to sell items like flowers, chocolates and baskets of fruit to consumers who may have not yet purchased presents for their mothers.

"The United States is celebrating Mother's Day on Sunday, and spammers have ramped up their operations to try and sell last-minute goods to forgetful sons and daughters," Graham Cluley, senior technology consultant for Sophos, headquartered in Abingdon, England, said in a statement.

"Mothers may appreciate their children being reminded by a spam to do something special, but buying goods advertised in this way only encourages the spammers to send more junk e-mail. If no one purchased the products sold via spam then the spammers would disappear," Cluley said.

Sophos experts said there are at least 23 different dates used in countries around the world to celebrate Mother's Day, but spammers focus on the North American celebration because it provides them with the largest possible audience.

Meanwhile, security specialists at Panda Software 's anti-malware laboratory, PandaLabs, on May 10 uncovered an application being used to control botnets in 54 countries.

Ryan Sherstobitoff, product technology officer at Panda Software, headquartered in Glendale, Calif., said the tool did not seem to be connected to the recent Mother's Day spam e-mails, but was a threat - particularly if it was used by cyber-criminals.

"Everything has the end-all goal - of stealing - information," Sherstobitoff said in an interview with eWEEK.

The application, called Zunker, contains a statistics section that includes graphs displaying the performance of each bot in the network, the number of available zombies and their monthly or daily activity.

Zunker also lets the user control the bots and allows the user to design the content of the spam with different templates depending on whether the message is aimed at e-mail accounts, instant messaging or forums, PandaLabs researchers said.

Although these tools are common among botnet operators, finding them is not always easy, security professionals agreed.

"The spammers communicate on invite-only forums, which are hard to get access to," said Matt Sergeant, senior anti-spam technologist at MessageLabs. "Some anti-spammers do have this access, but they don't have time to read every post or set up stings to get access to the tools."

Sergeant said he and others at MessageLabs, headquartered in Gloucester, England, suspect that botnet operators have teams of programmers at their disposal to create tools like Zunker. He suggested users take the well-known precautions of having a basic level of firewall and anti-spam protection, and urged them not to click on anything from a disreputable or unknown source.

"ISPs can help by blocking port 25 and checking block lists for users within their networks for infections," he said, explaining that the move would allow ISPs to isolate infected users and assist them with the cleanup.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: UN moves to strengthen digital privacy (Update)

add to favorites email to friend print save as pdf

Related Stories

U2 go from rock legends to accused spammers

Oct 11, 2014

U2 and Apple planned the gesture for maximum publicity—a concert by the Irish megastars at the tech giant's latest product launch, with the surprise that their new album had just been released for free ...

Microryza helps round up dollars for fund-it-yourself science

Jul 10, 2013

When two University of Washington graduates launched one of the first crowd funding sites for science, they had to beat the bushes for projects. A year later, so many researchers are beating on Microryza's door that the startup ...

Explainer: What is hacking?

Apr 05, 2013

Last week, we woke to news that the largest cyber attack ever was underway in Europe, with reports of global internet speeds falling as a result of an assault on the anti-spamming company Spamhaus.

Recommended for you

UN moves to strengthen digital privacy (Update)

13 hours ago

The United Nations on Tuesday adopted a resolution on protecting digital privacy that for the first time urged governments to offer redress to citizens targeted by mass surveillance.

Spotify turns up volume as losses fall

13 hours ago

The world's biggest music streaming service, Spotify, announced Tuesday its revenue grew by 74 percent in 2013 while net losses shrank by one third, in a year of spectacular expansion.

Virtual money and user's identity

20 hours ago

Bitcoin is the new money: minted and exchanged on the Internet. Faster and cheaper than a bank, the service is attracting attention from all over the world. But a big question remains: are the transactions ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.