Heal Your Church WebSite


Teaching, rebuking, correcting & training in righteous web design.

The Rise of the Spam Zombies

As reported by Kevin Poulsen of SecurityFocus

Pressed by increasingly effective anti-spam efforts, senders of unsolicited commercial e-mail are resorting to outright criminality in their efforts to conceal the source of their ill-sent missives, using Trojan horses to turn the computers of innocent netizens into secret spam zombies.

In not-to-geek. Spammer’s are using the same technique as those who employ distributed denial of service (ddos) attacks to bring down a web site. This is done by means of taking over someone’s computer, or as Mr. Poulsen describes:

One of those programs popped up last week. Named “Proxy-Guzu,” when executed by an unwitting user the Trojan listens on a randomly-chosen port and uses its own built-in mail client to dash off a message to a Hotmail account, putting the port number and victim’s IP address in the subject line. The spammer takes it from there, routing as much e-mail as he or she likes through the captured computer, knowing that any efforts to trace the source of the spam will end at the victim’s Internet address.

Trojan horses generally rely on their wielder’s ability to trick innocent people into executing them. Proxy-Guzu, naturally, arrives as spam — in one sighting the program was offered as a naughty peek at an online webcam.

In other words, all the more reason NOT to click on a free pr0n offer — or ANY executable/attachment in an email (unsolicited or otherwise). I mean, imagine trying to explain to your church administrator why you’re getting a huge flood of hate mail and complaints for sending spam after that one? All the more reason to keep your virus protection up-to-date, to train your church staff about the dangers of attachments and why I always recommend keeping a church web site on a different server than the office intranet.

2 Comments

  1. I ran across another new and different problem this weekend. Messenger-based spam. I posted details at my blog.

    http://www.b2blog.com/archives/2003_04_01_past.htm#200208223

  2. I recently ran into a problem where I noticed in the logs that robots where hitting my guestbook. I can almost bet that they were stealing email addresses. So I changed the code up a little bit to display an email address like so: nfokus_ac at hotmail.com. I used spaces and I changed the ‘@’ to the word ‘at’. Will that stop robots from stealing email addresses off of my site?