Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:
--------snip----------
More than 1,000 unsuspecting Internet users around the world have recently
had their computers hijacked by hackers who computer security experts say
are using them for pornographic Web sites.
In addition, the number of bounces I've received about "a virus was
detected in your message to FOO" has increased significantly in the
past week or so.
The hijacked computers, which are chosen by the hackers apparently because
they have high-speed connections to the Internet, are secretly loaded with
software that makes them send explicit Web pages advertising pornographic
sites and offer to sign visitors up as customers
And how, exactly, can the recipient tell this spam from messages
sent out by mobile users who similarly make direct connections?
There's the content, but content filters have their own issues.
Unless the propogation of these malware programs is quenched, I
think this incident can be taken as the start of the end for mobile
users of naked, unauthenticated, unverifiable SMTP. There are other
methods by which they can send email, and those methods will help
protect against this kind of spam attack, at least.
While spammers can adapt and change their methods, I think that
other than willingly cooperating spam houses, this method of co-opting
thousands of random computers is probably the simplest and most
effective way of sending spam.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg