Botnet Mafia in Online Turf War

An anonymous reader writes " The kind of turf war seen in the real world by drug gangs is being replicated by the criminal gangs behind spamming botnets, and things are turning nasty."

Trying to care

[tomstdenis (446163)]

Trying to care, ..., nope failing.

As someone who doesn't have an email address anymore, I really don't care about spam in the slightest, or the battle they go over to spam people. Most of my spam, that actually made it to my inbox when I had a gmail account was in Portuguese or some random asian looking language. To me it was all gibberish [more than usual] and fleeting. But the ever presence of it [on average I would receive anywhere between 100 and 500 spams a day, with about 5-10 in my inbox] just gnaws at you. Day after day people keep assaulting your inbox, trying to take away the service from you.

And even though gmail is free, it was still MY inbox, if you know what I mean. And having these low lifes just clutter it up every day with the same foreign language bullshit nonsense was annoying.

Eventually I just deleted my account. I have a cell phone if people want to contact me. And for work I have a private email addy that my co-workers can use. Personal email is just a waste.

Tom

Re:Trying to care

[Oligonicella (659917)]

Wow! What the hell were you doing/where were you going that you got so much? I look at tits and ass online and still only get some 10-20 a day on a heavy day. Wow.

Re:Trying to care

[tomstdenis (446163)]

I posted in usenet for several years, wrote OSS software, have my email addy on my websites, etc.

My work email has yet to receive a single spam. Oh, that's because I don't use it for anything but work and it's not on any webpage.

Tom

Re:

[by Anonymous Coward]

You're lucky then. All it takes is for your address to end up in some other person's email client, and they become infected with a spam harvester bot of some kind. It's not as if you even have to communicate with that person. Some fool can forward a crap joke to everyone they know, chances are they won't use bcc:, resulting in your address being sent to a fair number of people.

 

Re:

[djdavetrouble (442175)]

My work email has yet to receive a single spam. Oh, that's because I don't use it for anything but work and it's not on any webpage.

I was spam free for quite a while, but in the last few years, the enterprise wide
address book has clearly been harvested (some 10000+ addresses)
by a bad apple somewhere. I imagine someone installed a "free screensaver"
or something else with a backdoor, or took a company laptop to a unprotected network
and gotten scanned and rooted, etc etc....

Re:

[Remus Shepherd (32833)]

Yes, I've used my main email address for Usenet posts for over a decade, and I get hundreds of spams a day. That's okay, though, I have filters up to the task.

Part of the problem, I feel, are legitimate organizations who sell their client lists to spammers. My work address never got spam until I got published in a professional journal. That journal sold its contributors' email addresses to someone, and I started receiving spam. I have no good solution here -- I'm a scientist, and have to publish or peri

Re:

[jZnat (793348)]

Also, it's not "IPv6", it's "inet6". And not "IP" or "IPv4", we go with "inet". Therefore, instead of "IP address", for example, it's "inet addr". "Email address" can thus be shortened to "mail addr" in techie lingo.

Hmm, this is fun. It's like AOLspeak for techs! And it makes a little more sense.

Re:

[medraut (136992)]

Until one of your coworkers turns out to be one of the eevil spammers! Then we'll watch you cry.

Medraut

aren't you special?

[ClintJCL (264898)]

You come off as an asshole. Just letting you know.

P.S. Some of us need personal email and have relied on it heavily for 15 years.

Re:

[tomstdenis (446163)]

Part of my point was that we don't really need e-mail. It's just nice to have. Just like cell phones. Given that my email was turning into a never ending headache, and I can totally live without it, the smart choice was to just ditch it.

We shouldn't get too worked up over botnets fighting.

Re:

[plover (150551)]

Part of my point was that we don't really need e-mail. ... We shouldn't get too worked up over botnets fighting.

I assume you mean "we" as in the "my family and I" sense; because you certainly don't speak for the rest of us. 27 years ago an emailed message led to me meeting my wife, an event that I personally consider very important.

Just because you don't find email useful doesn't make it useless to the rest of us.

Apart from the spam aspect, botnets are also used to stage attacks on all manner of ta

Re:Trying to care

[inviolet (797804)]

As someone who doesn't have an email address anymore, I really don't care about spam in the slightest, or the battle they go over to spam people.

You do realize that the costs of spam mitigation are all passed on to you, in the form of higher prices for gadgets, for professional and financial services, and eventually for everything else? Or do you not care about that either?

By the way, now that we are out of the Grunge era, it is no longer automatically cool to not care about such things.

Re:Trying to care

[ThousandStars (556222)]

As someone who doesn't have an email address anymore [...]

So, do you still have a TV? [theonion.com]

Careful..

[michaelhood (667393)]

It'd be a shame if something were to happen to this nice botnet ya got here...

ISPs have to be the solution

[sherriw (794536)]

Time for ISPs to stop being so nicey-nice about this.

1) Send an email to all customers saying that the ISP will begin choosing a random day (say every 3 months or so) to scan for infected computers churning out email.
2) On that random day (random so the spam bots won't be programmed to be silent on that day) the ISP shuts down outgoing mail for all infected computers on their network.
3) Customer who can't send mail is irate and calls ISP tech support hotline.
4) Tech support says: we warned you... please follow these virus removal instructions and install/update your anti virus software.

Bam problem solved. People who keep getting blocked every 3 months will quickly learn to take better care of their computers. Along with the customer's invoice the ISP could send an information sheet with prevention and removal instructions.

Maybe governments can give ISPs a little financial help for doing this?

Unfortunately I don't see any other solution other than tough-love.

Re:ISPs have to be the solution

[tomstdenis (446163)]

Can't have that. People can't be held responsible for what goes on in their computers. After all they're big magical boxes and the public is just so stupid.

I think this is a problem only MSFT can solve.

Tom

Re:

[d3ac0n (715594)]

-1 for missing the sarcasm.

Although I suppose he should get -1 for not using a /sarc tag.

-1's all around! Whee!

Re:ISPs have to be the solution

[Richard W.M. Jones (591125)]

I don't know about the rest of the world, but in the UK ISPs routinely cut off people if their machines are spewing spam (or other malware). The first thing most users know is when any web page they try and visit takes them to an ISP page telling them to run some malware scanning software.

Rich.

Re:

[Richard W.M. Jones (591125)]

Even if they have been charged multiple times with drunk driving, they are able to get their license back, because it's something they "need". In some situations a car is needed, but if you continually show that you aren't going to be responsible, then you really think you have the need for a car.

I'm not sure I'd compare this to drunk driving. If you drive drunk then you had a choice, and clear responsibility not to do that. On the other hand grandmothers buy Windoze computers to type out emails to t

Re:

[CastrTroy (595695)]

But MS gets very little grief to fix it, because the users don't experience any direct problems. Those who know what they're doing, including Computer savvy people and network admins for large companies will put the proper measures in place to protect against potential problems, just as their would with any OS. But as long as grandma is still able to send email, then she is happy. It might be a little show if her computer is part of a botnet, but she's still able to do her work. If the ISPs start to cut

Re:

[@madeus (24818)]

I agree that software companies should be more responsible than they presently are (and that software doesn't do what it could to keep users safe), but it's ultimately a toss up between an OS thats horrible and frustrating to use (e.g. Vista style constant nagging whenever you try to do anything) and just relying on users common sense. When you do get to the stage of having constant blocking and / or popups during normal use, those messages lose their effectiveness, because users click right through them (p

Re:ISPs have to be the solution

[PeeAitchPee (712652)]

People who keep getting blocked every 3 months will quickly learn to take better care of their computers.

It's a great theory, but in practice, I'm afraid that your average lazy consumer will simply switch to another (non-blocking) ISP who will happily take their money. 99% of the computer users out there don't even know what a spam bot is (unless they can regurgitate some buzzword from a commercial they saw), let alone how to fix a crippled PC. Your strategy only works if all the ISPs agree to it, and that ain't gonna happen.

Let's face it -- it's time for a new and improved mail protocol.

Re:ISPs have to be the solution

[asninn (1071320)]

I'm not so sure about that. Yes, people are lazy, but switching to a different ISP is more of a hassle than running a virus/malware scanner; even if you're really computer-unsavvy, you'll probably have a child, sibling, cousin or friend who knows a bit more about computers and can do it for you.

And I still haven't seen any mail protocol proposals that would both cut down on spam in an effective fashion as well as not interfere with legitimate mail and not violating non-technical requirements like privacy etc.

Seriously, spam is a semantic problem, in a way; something that is spam for one person or in one situation need not be spam for someone else or in another situation. I'm signed up for a handful of company newsletters informing me about special offers etc., for example, and those aren't spam (since I signed up for them), but if I received them without having signed up, I'd definitely consider them spam. How is a mail delivery protocol supposed to be able to distinguish between these situations?

Re:

[ball-lightning (594495)]

I'm not so sure about that. Yes, people are lazy, but switching to a different ISP is more of a hassle than running a virus/malware scanner; even if you're really computer-unsavvy, you'll probably have a child, sibling, cousin or friend who knows a bit more about computers and can do it for you.

Five years ago, I would have agreed with you. The problem is, (some) of those same kids who were fixing computers a few years ago have graduated to writing the malware they used to remove. I am gainfully e

Re:

[PeeAitchPee (712652)]

Then make it a legal requirement

Yeah, that's what we need -- more laws regulating the Internet. You know, 'cuz the ones we have already work so well.

Re:ISPs have to be the solution

[jeffasselin (566598)]

We don't need more laws, we simply need better laws written by people who actually understand the technology that needs to be regulated.

Re:ISPs have to be the solution

[TeXMaster (593524)]

Oh I'll just love it when my ISP blocks my internet connection because I just sent a patchset by email to a *-devel list for peer review.

I know the good intentions and all that, but seriously, I'm already pissed enough at my ISP (Tiscali.it) that doesn't allow me to send more than 3 consecutive emails.

So either implement this kind of stuff with a proper way to tell spam sending from acceptable mass mailing, or be ready to handle hordes of very angry customers.

Re:ISPs have to be the solution

[powermacx (887715)]

Well, here in Argentina the first answer when you call tech support to complain your connection isn't working is: "You've got spyware. Reinstall Windows and install an up to date antivirus+antyspyware".

Of course, when I answer: "Er... I have a Mac" the answer is "Uh... I don't know... did you try restarting?"

oblig checklist

[remmelt (837671)]

Your post advocates a

(X) technical ( ) legislative ( ) market-based (X) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
(X) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the mone

Botnet Mafia warnings

[marto (110299)]

You could wake up with an ascii horses head in your inbox http://www.virtualhorses.com/graphics/asciiart.htm [virtualhorses.com]

Let's have ...

[WrongSizeGlass (838941)]

... Botnet Wars! They can infect systems and fight it out in the process table.
"Watch out! They just spawned a thread that has access to your virtual address space! Protect your data registers!"

Where will there HQs be?

[master5o1 (1068594)]

Will they be in the typical Pizza shop website? something like www.donluigi-pizza.com (and donluigi-pizza.org for eGangster login)

Cash Rules Everything Around Me

[packetmon (977047)]

Browsing through some of the posts here, I'm seeing how people tend to forget the financial aspect of botnets. Spam, malware is big business (obviously) so its no surprise that can become the online equivalent to a Columbian drug war without the murders and guns. There is huge business in bots and whats sad is, the low man on the totem pole is often some American company who's advertisements are being spammed (for the spammers). Vint Cerf stated there are millions of infected machines, I don't know about those numbers, but I can tell you that if I was involved in (dis)organized crime, why should I re-invent the wheel when I could re-program my own bots to take over others' cruddily created bots. This falls in line with a document I wrong (Ubuntu and the Destruction of the Internet [infiltrated.net]) where my logic is, "are you sure you want grandma using Linux"?... With e-Criminals getting savvier, how long will it be before the Internet truly becomes the Wild West... Some may think its not a big deal, but when there are finances involved, that can escalate to physical crimes (shootings, murder, etc.) and its happened a few times where (dis)organized idjits stealing e-money from games were caught up in real life incidents for stepping over "turf".

We're doomed

[giafly (926567)]

The really organised criminals will be using exactly the same techniques to evade capture and to protect the business of criminality as is seen in the drugs war. You can be sure that while sacrificial lambs get jail time, the gang bosses and the real botnet builders will continue to prosper. Until, that is, law enforcement, the judiciary and governments around the world start to take the spam problem as seriously as they do the drugs one.

We're doomed

Final solution

[Fuzzums (250400)]

I hope they'll drive-by-spam eachother until their computers are fried.

Botnets blowing each other up?

[Arancaytar (966377)]

Yay! I'll get popcorn!

Oh wait, that also means the tubes get clogged. Dang it.

PGP is your friend

[oliverthered (187439)]

If people actually started using the tools that have been available for years and signed their emails it would be a lot easier to spot the ones sent out by spam bots.

It's amazing how hard it is to get a company to send you a signed email to prove who they are and even harder to send an encrypted email containing personal information to them even though everyone knows how insecure email it.

Lazy Government,
Lazy Companies,
Lazy Consumers.
The tools are there for free and have been for years.

Re:

[codemachine (245871)]

Sadly, it just isn't easy enough to use for the common person. Nor is it widespread enough that even technical people would bother - even a lot of sysadmins don't touch it, even though it'd be easy for them to deploy.

We need to have it integraded into our clients in such a way that everyone would start using it. However, it'd be a lot easier to do that with IM than email as of now. You can have the client add the contact's key when the contact is added, and you can store it on a server side list so that

End the War On Botnets

[Cyryathorn (6591)]

Obviously, the War On Botnets has failed. All the War On Botnets has done is created a lucrative enterprise for organized crime. We need to legalize botnets, so that botnet operators can finally come out of the shadows. Also, once legalized, we can tax botnets -- this way, botnets become an income generator for the government, rather than a black hole of enforcement dollars. The police can then better spend their time tracking down *real* criminals.

This will eventually be solved on its own

[gunnarstahl (95240)]

Relax and wait. Over time, ISPs will start to get seriously annoyed by this waste of bandwidth. As soon as customers start calling and complain about their crawling download speed, ISPs will have to start to act.

And ISPs who act against it will finally gain a reputation for providing being spam-free services. Just regularly call your ISP and complain about that they don't filter the spam.

For me having about 20-30 junk mails in my inbox per day isn't really much trouble. T'Bird does a fairly good job detecting them. And if it really starts to bug me I will install something like spamassassin on my server. So, who cares.

Don't get me wrong: I just hate this stuff like everyone else. But even wasting thoughts on it is useless.

Yt,

Gunnar

No, not really

[Dachannien (617929)]

The kind of turf war seen in the real world by drug gangs

Until I actually RTFA, I thought they meant that botnet gangs were finding the people running opposing botnets and killing them.

Or maybe I was just secretly hoping.

And this will only get worse

[Opportunist (166417)]

As long as people are not held responsible for what damage their machines do to the net, this will not change.

Botnets rely on people being negligent, clueless and generally careless. There is no such thing as an unavoidable infection. Over 99% of all infections rely on user interaction (and yes, while over 98% of percentages used in biased reports are fake, this one I can actually vouch for), with remote exploits only constituting for a very, very small of infections, most of which also relying on your use of an insecure machine directly connected to the net.

If people acted on the road like the act in the net, a mass accident with 100s of cars involved would not be a newsworthy item. It would be the rule in rush hour traffic! And as much as I hate car analogies, this one is sadly true.

People switch their common sense off when they access the internet. I have no other explanation for this phenomenon. You can get most people to double click your attachment with the most hare brained excuse, "important news from your lawyer" is often enough.

Even if they have none!
With the "from" line reading "lawyer"!!!

The main problem isn't spam. The core problem is that those botnets are then used to spread even more and even more dangerous malware around. Bankfraud being one of the more "harmless" things in their arsenal.

People have to be held responsible for what their machines do, and what cause they harm to the rest of the net population. I'm not talking jail time, it needn't be capital punishment. The people we're talking about are not your "usual criminals". They already wet their pants if there's a chance that they could have to show up as defendent in court, as those "you went to our page so you owe us 500 bucks or we drag you to court" scams prove. Some kind of nominal fine would already be plenty.

Don't get me wrong. I don't want to keep anyone from using the net. But as with everything that can be harmful to other people using the same tools you do, you have to act responsibly. This applies to cars, this applies to guns, and it also applies to machines with internet connection.

Re:And this will only get worse

[joto (134244)]

People switch their common sense off when they access the internet. I have no other explanation for this phenomenon. You can get most people to double click your attachment with the most hare brained excuse, "important news from your lawyer" is often enough.

So why shouldn't people doubleclick their attachments? I mean, to read the attachment, you have to doubleclick it, right? So why are you suggesting that they shouldn't?

This is completely counterintuitive. The people who need to be held responsible are the idiot programmers who allow arbitrary code to be executed by clicking on attachments in a program deliberately designed for end-users. Such a feature in an email-program sounds like it might be more useful to movable-computation researchers working on lab-machines in a closed network.

Don't get me wrong. I don't want to keep anyone from using the net. But as with everything that can be harmful to other people using the same tools you do, you have to act responsibly. This applies to cars, this applies to guns, and it also applies to machines with internet connection.

And by clicking on attachments, you are harming someone? By simply leaving your computer connected to the Internet, you are harming someone?

This is completely counterintuitive. It would be like prosecuting car-owners for having their cars parked in the garage instead of constantly driving it to and from the factory for "updates". Or prosecuting gun-owners because the manufacturer of the gun decided that whenever you put the safety on, the gun would fire a shot, if someone sent a certain radio-signal.

Nonsense! Technical problems deserve a technical solution!

How to avoid spam (slightly OT)

[Lavene (1025400)]

In a consumer help program on TV they had brought in an expert to teach people how to avoid spam (viruses was already covered in an earlier program. Sadly (?) I missed that one. From the top of my head, some of the advices was:

Do not open porn sites (Yes, he said 'open')
Do not watch online movies
Keep an updated anti virus
Do not use web based e-mail
When not using your computer turn it off. Laptop users should close the lid.(I love this one!)

The most peculiar though was that not once did he warn about giving out your e-mail address. Thank god we have experts like that to help us protect our self...

Re:

[PrescriptionWarning (932687)]

I think it might still be better than Hackers, Swordfish, and that one with Sandra Bullock though... :P

Re:Somehow...

[billcopc (196330)]

I'm still waiting to be cast in an XXX Hackers spoof, where copying a garbage file sends the female lead on a dirty, dirty quest to get out of trouble with the sleazy fat ugly cops that pursue her.

Might as well spoof Takedown as well, where a fugitive hacker leads his asian arch nemesis on a cross-country chase through every brothel in the USA, all over a dick-length argument. They finally settle their feud in a stomach-churning scene where they both anally violate a journalist named John Warkoff.

Oh come on! When have you ever seen pr0n with a good story ?

Re:Somehow...

[Rob T Firefly (844560)]

*ominously clicking together Jolt COla bottles stuck on fingertips*

Botnets... come out to play-ayyyyy!

Re:

[Fordiman (689627)]

Ah, get over it.

I'm actually *related* to italian mafioso (though not involved), and I don't give a half-shit about this. Mafia implies italians about as much as Nazi implies germans. It's a specific group of Not-Very-Nice people, and these days, they're of any race creed or color. Use it in that fashion and the implication fades.

No, seriously. If your offended, your oversensitive. Shut up and deal with it.

Re:Somehow...

[Retric (704075)]

I'm actually *related* to italian mafioso... Shut up and deal with it.

Yes, Sir.

Re:fix the cause not the symptom

[mpe (36238)]

The war on drugs is a miserable failure. So please find another parable

A "war on spam" might actually work better than "war on drugs" simply because there are liklely to be far fewer people who wants spam than want various drugs.

the whole enviroment that these people thrive in is made possible by MS Windows and its' horrible security. why don't we start screaming about fixing the root cause of the problem ?

Thing is that there are plenty of people who appear to think that Microsoft's bluring the line between user & administrator or having a "monoculture" environment is a good thing.