Schneier on Security
A blog covering security and security technology.
« Friday Squid Blogging: Cuttlefish Embryos Can See |
| Ransomware »
June 16, 2008
Botnets as a Business
The Storm worm is being used to sell pharmaceuticals such as Viagra.
Posted on June 16, 2008 at 7:46 AM
• 13 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
Worse than that, often they are counterfeit too. :-(
Storm recently evolved from an "all-in-1" malicious platform, performing malware spreading, spam sending, and so on, to a malicious ASP services supplier.
Among the provided services, the most visible for now is fast-flux hosting for "fake" e-shops.
But the malicious hosts used as HTTP proxies also can be used as malicious DNS resolvers, some runs SMTP gateways too.
That suggests some bad weeks/months are still ahead.
Botnets have been used for spam since they started.
If law enforcement really wanted to shut them down, following the money would work.
Is that the voice of experience Chris Samuel? :-)
Who the HELL actually buys drugs advertised in spam?? I mean, seriously? How stupid do you have to be?
Albatross, nothing exceptionally stupid here. I mean, lots and lots of people still believe in gods of all kinds, don't they?
"I mean, lots and lots of people still believe in gods of all kinds, don't they?"
You should ask the Albatross about the "devils wife" 8)
From the rime of the ancient mariner,
And those her ribs through which the Sun
Did peer, as through a grate ?
And is that Woman all her crew ?
Is that a DEATH ? and are there two ?
Is DEATH that woman's mate ?
!Her lips were red, her looks were free,
Her locks were yellow as gold :
Her skin was as white as leprosy,
The Night-mare LIFE-IN-DEATH was she,
Who thicks man's blood with cold.
Death and Life-in-Death have diced for
the ship's crew, and she winneth the
The naked hulk alongside came,
And the twain were casting dice ;
'The game is done ! I've won ! I've won !'
Quoth she, and whistles thrice.
And so was the fate of the mariner...
"Who the HELL actually buys drugs advertised in spam?"
The bigger and more important question is who actually buys drugs advertised, full stop? Or in other words, who thinks unsolicited advertising is a good idea?
Believe it or not there are many marketing executives who are jealous of anyone who can move product using any means possible. They honestly can not give you a clear definition of spam because they see marketing as marketing no matter what the medium.
I have sat in many meetings with marketing execs who say security is silly for thinking consumers hate unsolicited mail. "How do they know until they see" was sometimes the refrain. This is the often awkward and unstated role of an information security professional, to help define digital ethics and even to try and create the line between consent and fraud. The line is easier to hold, of course, if there is an independent governing body involved.
Perhaps my most ironic memory of this was when a team I managed had to respond to a spam-originated incident on a marketing system, and yet that same day we could not convince them to change their outbound email messaging campaigns.
All too often in incidents you will find people saying "don't point that finger over here, we meant no harm with our x". I guarantee there are marketing execs right now trying to figure out how to harness botnets for their "legitimate" advertising campaigns.
I noticed the BBC was recently poking fun of drug marketing in America:
"Americans do accept advertising in areas where it does not tend to appear elsewhere."
Its all about marketing. Actually, its all about the line expensive marketeers push to companies to convince them that such techniques are necessary to make sales. Those same companies are going for cheap overseas labor and soon there will be NOBODY left with enough money to buy anything. What then?
Similar to a recent hack that we analyzed . The miscreants built the html front end of their viagra shopping cart in a hidden directory on the hacked server and use it to re-direct the users to their real viagra site.
Why? Because the hacked site had a high page rank.
SEO at its finest.
I don't believe anybody deals with spam any other way than deleting on sight. I can't understand why those who order spam believes that anybody at least reads it, leave alone buys something.
About the best use for spam I have seen is this site:
which taglines itself "Poorly-drawn cartoons inspired by actual spam subject lines!". The main site is rarely updated, but the forums are lively, with fans posting several "guest strips" on most days. Expect bad puns and surprising secondary meanings of words.
@Sejanus: "I can't understand why those who order spam believes that anybody at least reads it, leave alone buys something."
Well, there *must* be some amount of return-on-investment, otherwise nobody would use spamvertising. Even if the "conversion rate" would be only 1:100.000, it probably would still be worthwile given the really low costs of spamming.
There are also studies which showed that these penny-stock spams actually do have an effect on the (abused) company's share prices.
Schneier.com is a personal website. Opinions expressed are not necessarily those of BT.