For Mother's Day, Try Some Spam

May 12, 2007

As Mother's Day spam increases, researchers discover an unrelated application being used to control botnets in 54 countries.

Mother's Day is bringing an unwanted gift - spam.

According to researchers at security vendor Sophos, spammers have been trying to sell items like flowers, chocolates and baskets of fruit to consumers who may have not yet purchased presents for their mothers.

"The United States is celebrating Mother's Day on Sunday, and spammers have ramped up their operations to try and sell last-minute goods to forgetful sons and daughters," Graham Cluley, senior technology consultant for Sophos, headquartered in Abingdon, England, said in a statement.

"Mothers may appreciate their children being reminded by a spam to do something special, but buying goods advertised in this way only encourages the spammers to send more junk e-mail. If no one purchased the products sold via spam then the spammers would disappear," Cluley said.

Sophos experts said there are at least 23 different dates used in countries around the world to celebrate Mother's Day, but spammers focus on the North American celebration because it provides them with the largest possible audience.

Meanwhile, security specialists at Panda Software 's anti-malware laboratory, PandaLabs, on May 10 uncovered an application being used to control botnets in 54 countries.

Ryan Sherstobitoff, product technology officer at Panda Software, headquartered in Glendale, Calif., said the tool did not seem to be connected to the recent Mother's Day spam e-mails, but was a threat - particularly if it was used by cyber-criminals.

"Everything has the end-all goal - of stealing - information," Sherstobitoff said in an interview with eWEEK.

The application, called Zunker, contains a statistics section that includes graphs displaying the performance of each bot in the network, the number of available zombies and their monthly or daily activity.

Zunker also lets the user control the bots and allows the user to design the content of the spam with different templates depending on whether the message is aimed at e-mail accounts, instant messaging or forums, PandaLabs researchers said.

Although these tools are common among botnet operators, finding them is not always easy, security professionals agreed.

"The spammers communicate on invite-only forums, which are hard to get access to," said Matt Sergeant, senior anti-spam technologist at MessageLabs. "Some anti-spammers do have this access, but they don't have time to read every post or set up stings to get access to the tools."

Sergeant said he and others at MessageLabs, headquartered in Gloucester, England, suspect that botnet operators have teams of programmers at their disposal to create tools like Zunker. He suggested users take the well-known precautions of having a basic level of firewall and anti-spam protection, and urged them not to click on anything from a disreputable or unknown source.

"ISPs can help by blocking port 25 and checking block lists for users within their networks for infections," he said, explaining that the move would allow ISPs to isolate infected users and assist them with the cleanup.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Facebook dressed down over 'real names' policy

add to favorites email to friend print save as pdf

Related Stories

Microryza helps round up dollars for fund-it-yourself science

Jul 10, 2013

When two University of Washington graduates launched one of the first crowd funding sites for science, they had to beat the bushes for projects. A year later, so many researchers are beating on Microryza's door that the startup ...

Explainer: What is hacking?

Apr 05, 2013

Last week, we woke to news that the largest cyber attack ever was underway in Europe, with reports of global internet speeds falling as a result of an assault on the anti-spamming company Spamhaus.

Security researchers in force at USENIX Security

Aug 10, 2012

Everybody who's anybody in the no-longer-arcane field of computer security is out in force in Bellevue, Wash., this week at the 21st USENIX Security Symposium, the leading computer systems and networking ...

Recommended for you

Facebook dressed down over 'real names' policy

1 hour ago

Facebook says it temporarily restored hundreds of deleted profiles of self-described drag queens and others, but declined to change a policy requiring account holders to use their real names rather than drag names such as ...

Yelp to pay US fine for child privacy violation

8 hours ago

Online ratings operator Yelp agreed to pay $450,000 to settle US charges that it illegally collected data on children, in violation of privacy laws, officials said Wednesday.

A Closer Look: Your (online) life after death

Sep 16, 2014

Sure, you have a lot to do today—laundry, bills, dinner—but it's never too early to start planning for your digital afterlife, the fate of your numerous online accounts once you shed this mortal coil.

Web filter lifts block on gay sites

Sep 16, 2014

A popular online safe-search filter is ending its practice of blocking links to mainstream gay and lesbian advocacy groups for users hoping to avoid obscene sites.

User comments : 0