ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Spam, defined, and permissions

2004-12-31 20:20:22
from [Hannigan, Martin] [Permanent Link] 


They aren't the seller or the spammer, technically.

They run like corporations: 

Sponsors - wants to scam, sell something real, phish, viagara, etc. Rents
botnet.

Spammer - gets a cut of sale or clickthrough % of sale. Operates the
spamming host. Lots located in Florida for some reason. You can probably
guess who.

Bot Herders - get the bots out there that are either stale, some rbl, or
fresh, little rbl.

Proxy Salesmen - sell the lists ie rbl, some, lots

One person can do all jobs, or they have others filling functions for cuts
of revenue.

Its a whole economy. They work for money. They extort(ddos) and the spam.

Its sophisticated, bit not fancy. Good luck to cbl, they are working the 20
of 80/20 and its not easy (thanks cbl). The controllers are the 80.

-M


---
Martin Hannigan
hannigan(_at_)verisign(_dot_)com
Verisign, Inc.


-----Original Message-----
From: asrg-bounces(_at_)ietf(_dot_)org <asrg-bounces(_at_)ietf(_dot_)org>
To: asrg(_at_)ietf(_dot_)org <asrg(_at_)ietf(_dot_)org>
Sent: Fri Dec 31 18:35:56 2004
Subject: Re: [Asrg] Spam, defined, and permissions

On Dec 31 2004, Hannigan, Martin wrote:



I understand that. There are far more "compromised" and operating
zombies, but the average "operating size" appears to be around 100K.

You don't need anymore than that to accomplish a DDOS or a massive
spam. The miscreants are in this for money. 


The black hats who build and maintain the zombie networks are probably
not the spammers themselves. I'd be curious to learn what the pricing
schedule for renting a zombie army is. There's probably an entry level
price for 100K zombies per day, 500K per day, 1 million per day.

Also, I expect there's some inbuilt redundancy, the black hats want
lots of inactive zombies which remain undetected but can be activated
when needed.

-- 
Laird Breyer.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Spam, defined, and permissions, Laird Breyer
Previous by Thread:  Re: [Asrg] Spam, defined, and permissions, Laird Breyer
Next by Thread:  [Asrg] SICS, definitions, and accountability for `spam`, Amir Herzberg
Indexes:  [Date] [Thread] [Top] [All Lists]