For Mother's Day, Try Some Spam

May 12, 2007

As Mother's Day spam increases, researchers discover an unrelated application being used to control botnets in 54 countries.

Mother's Day is bringing an unwanted gift - spam.

According to researchers at security vendor Sophos, spammers have been trying to sell items like flowers, chocolates and baskets of fruit to consumers who may have not yet purchased presents for their mothers.

"The United States is celebrating Mother's Day on Sunday, and spammers have ramped up their operations to try and sell last-minute goods to forgetful sons and daughters," Graham Cluley, senior technology consultant for Sophos, headquartered in Abingdon, England, said in a statement.

"Mothers may appreciate their children being reminded by a spam to do something special, but buying goods advertised in this way only encourages the spammers to send more junk e-mail. If no one purchased the products sold via spam then the spammers would disappear," Cluley said.

Sophos experts said there are at least 23 different dates used in countries around the world to celebrate Mother's Day, but spammers focus on the North American celebration because it provides them with the largest possible audience.

Meanwhile, security specialists at Panda Software 's anti-malware laboratory, PandaLabs, on May 10 uncovered an application being used to control botnets in 54 countries.

Ryan Sherstobitoff, product technology officer at Panda Software, headquartered in Glendale, Calif., said the tool did not seem to be connected to the recent Mother's Day spam e-mails, but was a threat - particularly if it was used by cyber-criminals.

"Everything has the end-all goal - of stealing - information," Sherstobitoff said in an interview with eWEEK.

The application, called Zunker, contains a statistics section that includes graphs displaying the performance of each bot in the network, the number of available zombies and their monthly or daily activity.

Zunker also lets the user control the bots and allows the user to design the content of the spam with different templates depending on whether the message is aimed at e-mail accounts, instant messaging or forums, PandaLabs researchers said.

Although these tools are common among botnet operators, finding them is not always easy, security professionals agreed.

"The spammers communicate on invite-only forums, which are hard to get access to," said Matt Sergeant, senior anti-spam technologist at MessageLabs. "Some anti-spammers do have this access, but they don't have time to read every post or set up stings to get access to the tools."

Sergeant said he and others at MessageLabs, headquartered in Gloucester, England, suspect that botnet operators have teams of programmers at their disposal to create tools like Zunker. He suggested users take the well-known precautions of having a basic level of firewall and anti-spam protection, and urged them not to click on anything from a disreputable or unknown source.

"ISPs can help by blocking port 25 and checking block lists for users within their networks for infections," he said, explaining that the move would allow ISPs to isolate infected users and assist them with the cleanup.

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Should you be worried about paid editors on Wikipedia?

add to favorites email to friend print save as pdf

Related Stories

Amazing raw Cassini images from this week

2 hours ago

When Saturn is at its closest to Earth, it's three-quarters of a billion miles away—or more than a billion kilometers! That makes these raw images from the ringed planet all the more remarkable.

Recommended for you

How much do we really know about privacy on Facebook?

3 hours ago

The recent furore about the Facebook Messenger app has unearthed an interesting question: how far are we willing to allow our privacy to be pushed for our social connections? In the case of the Facebook ...

Philippines makes arrests in online extortion ring

3 hours ago

Philippine police have arrested eight suspected members of an online syndicate accused of blackmailing more than 1,000 Hong Kong and Singapore residents after luring them into exposing themselves in front of webcam, an official ...

Google to help boost Greece's tourism industry

16 hours ago

Internet giant Google will offer management courses to 3,000 tourism businesses on the island of Crete as part of an initiative to promote the sector in Greece, industry union Sete said on Thursday.

Music site SoundCloud to start paying artists

23 hours ago

SoundCloud said Thursday that it will start paying artists and record companies whose music is played on the popular streaming site, a move that will bring it in line with competitors such as YouTube and Spotify.

Facebook awards 'Internet Defense Prize'

Aug 21, 2014

Facebook awarded a $50,000 Internet Defense Prize to a pair of German researchers with a seemingly viable approach to detecting vulnerabilities in Web applications.

User comments : 0