Forwarded from: William Knowles <wk@private> http://news.com.com/2100-7355_3-5113080.html [Probably the fastest way to nip this in the bud would be to give users a financial reason to use home firewall and anti-virus software by offering them lower rates on their internet service if the software/hardware is installed and kept up-to date. Or on the flip-side, increase the prices of internet service if you wish to throw caution to the wind and run nothing. I can't see why this incentive isn't out there, everyone wins in the long run. - WK] By Munir Kotadia Special to CNET News.com December 3, 2003 Nearly one-third of all spam circulating the Web is relayed through PCs that have been compromised by malicious programs known as Remote Access Trojans, according to Sophos, an antispam and antivirus company. Graham Cluley, a senior technology consultant for Sophos, said Wednesday that the increasing use of broadband Internet connections and a general lack of security awareness have resulted in about one in three spam e-mails being redirected through the computers of unsuspecting users. "There are lots of people on cable modems and broadband connections that haven't properly secured their computer," he said. "They don't know it, but their PC is being used as a relay for sending spam to thousands and thousands of other people. We believe that 30 percent of all spam"--or unsolicited commercial e-mail messages--"is being sent from compromised computers." Cluley said that if a Remote Access Trojan (RAT), a type of Trojan horse program, is able to get into a PC, an attacker could take full control of that PC, as long as it is connected to the Internet. "They can steal information, read files, write files, send e-mails from that user's name--it is as though the attacker has broken into the office or home and is sitting in front of that computer," he said. There is also a very small chance that PC owners will have any idea their system is being used by a third party, said Cluley, who warned that attackers could remove any traces of their activity so that there would be no obvious record: "It is really just network and Internet bandwidth that is suffering--there is no permanent record left on the PC that you can look up--you wouldn't see anything if you checked your Outlook 'Sent Items' folder," he said. Sophos is also concerned that there may be a connection between virus writers and spammers. Cluley pointed out that the groups have similar interests, and he said he knows of worms that have attacked antispam Web sites. "Antispam Web sites have been knocked out by these viruses," he said. "Why is that? We all suffer from spam. Virus writers are either working with spammers or they are the spammers." *==============================================================* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen Alfred. M. Gray, USMC ---------------------------------------------------------------- C4I.org - Computer Security, & Intelligence - http://www.c4i.org ================================================================ Help C4I.org with a donation: http://www.c4i.org/contribute.html *==============================================================* - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Dec 04 2003 - 05:54:16 PST