[ISN] Spammers 'tricking ISPs' into sending junk mail

From: InfoSec News (isn@private)
Date: Wed Feb 02 2005 - 22:12:03 PST


http://news.zdnet.co.uk/internet/0,39020369,39186364,00.htm

Dan Ilett
ZDNet UK
February 02, 2005

Spam levels are about to skyrocket, according to experts who warned
this week that spammers have developed a new way of delivering their
wares.

According to SpamHaus -- an anti-spam organisation which compiles
blacklists blocking eight billion messages a day -- a new piece of
malware has been created that takes over a PC and then uses it to send
spam via the mail server of that PC's Internet service provider. This
means the spam appears to come from the ISP, making it very hard for
an anti-spam blacklist to block it.

Previously, these zombie PCs have been used as mail servers to send
spam emails directly to recipients.

"The Trojan is able to order proxies to send spam upstream to the
ISP," said Steve Linford, director of SpamHaus.

Linford believes that this Trojan was written by the same people who
write spamming software.

Reports suggest that ISPs in the US have already been hit. "We've seen
a surge in spam coming from major ISPs. Now all of the ISPs are having
large amounts of spam going out from their mail servers," said
Linford.

This will cause serious problems for email infrastructures as it is
impractical to block domain names from large ISPs. Linford predicts
that ISPs will see a growth in the volume of bulk mail they send and
receive over the next two months, with spam levels rising from 75
percent of all email to around 95 percent within a year.

"The email infrastructure is beginning to fail," Linford warned.  
"You'll see huge delays in email and servers collapsing. It's the
beginning of the email meltdown."

Linford said that ISPs need to act fast to take control of the
problem. "They've got to throttle the number of emails coming from
ADSL accounts. They are going to have to act quickly to clean incoming
viruses. ISPs have so much spam -- they are too understaffed to call
people up and tell them they have Trojans on their machines. And no
one would know what you're talking about."

ISPs BT and Thus didn't respond to requests for comment on this issue.

Anti-spam company MessageLabs confirmed Linford's findings.

"This ups the ante in the need for filters," said Mark Sunner, chief
technology officer for MessageLabs. "It makes it more difficult for
people who compile black lists, which is why spammers are doing this.  
It will put more pressure on ISPs to take greater interest in the
traffic they carry and filter at source."

The Information Commissioner's Office, the UK's point of call to
report about spam, said it had received no complaints of bulk spam
from ISPs. A statement from the ICO said, "As you are aware the ICO's
role is to enforce the regulations (the Privacy and Electronic
Communications (EC Directive) Regulations 2003). If it receives
complaints regarding spam, the ICO needs to establish the source of
the spam to take action. The ICO then contacts the company concerned."


