ietf-asrg

RE: [Asrg] Spammer proxies using legitimate mail relays

2005-02-15 19:51:08
-----Original Message-----
From: asrg-bounces(_at_)ietf(_dot_)org [mailto:asrg-bounces(_at_)ietf(_dot_)org] On Behalf Of Laird Breyer
Sent: Tuesday, February 15, 2005 5:34 PM
To: asrg(_at_)ietf(_dot_)org
Subject: Re: [Asrg] Spammer proxies using legitimate mail relays

On Feb 15 2005, George Ou wrote:
According to this article http://www.spamhaus.org/news.lasso?article=156,
spamware has improved its capability to avoid black listing by using
the legitimate outbound SMTP servers of its infected victim.  As a
result, an increasing amount of spam is coming from legitimate mail
gateways.

Does anyone have more detailed information on spamware and how it 
manages to do this?  Does it steal SMTP server configuration 
information from the

If a trojan or spyware/spamware is installed on a user's Windows computer,
then it can do everything a user can do. The actual details of how it's done
don't matter, because you can never fully protect against that sort of
abuse.

All a program has to do is to move the mouse and simulate keyboard typing
and then it has all the privileges of a user. If a password needs to be
typed repeatedly, it can be intercepted and saved. Or the program can just
wait for the user to type in credentials, and then hijack the mouse and
keyboard. Other methods are simply programming shortcuts.

The only limit is how smart the black hats are, and that depends on how
much they are getting paid to write the spamware.


Thanks for the detailed response Laird.  I was well aware that once malware
is installed on a computer, the computer is "owned" by the author of that
malware.  I'm simply curious about the actual state of implementation that
spamware has achieved.  "Spamware" is the actual name of the software
written by a Russian programmer as noted by the Spamhaus article.  Spamware
is the platform of choice and is sold to spammers worldwide and is being
protected by MCI, the former Worldcom and soon to be Verizon.  This is more
of a practical question than a theoretical one, but thanks for your
response.


George Ou

