Seth Breidbart says:
If you steal the bandwidth from owned machines (the same way spam
sending and some web hosting is stolen now), your costs are even less.
Jon Kyme responds:
This is all getting silly.
Does anyone still seriously doubt that spamming miscreants are using third
party computers as their web, mail and DNS hosts? Jon? This is not a new
June 2003: ZDNet report on Sobig virus strain, which is a spam relay.
July 2003: BBC report on "Superzonda" spamhaus, who compromised a British
Airways computer (among others) to host their stuff.
New York Times (annoying registration required): Hackers Hijack PCs for Sex
Sites. (I don't have a registration, so I haven't checked this one recently.)
July 2003: Analysis of "migmaf" malware, a reverse-proxy tool for third party
July 2003: The Register report on "webber" malware (more of the same).
September 2003: SecurityFocus forensics on a compromise in which machines are
used as spam servers.
January 2004: SecurityFocus analysis of legal issues associated with "the
Trojan did it" cases (as reprinted in The Register).
I hope that this is sufficient evidence to persuade the sceptic that spammers
and other miscreants are ROUTINELY using compromised third party computers to
do their dirty work. Any anti-spam proposal (particularly those that propose
a cost-burden to the sender) should take this fact into consideration.
Asrg mailing list