International Spam Ring Shut Down

smooth wombat writes "An international spam ring with ties to Australia, New Zealand, China, India, and the US is in the process of being shut down. Finances of members in the US are being frozen using the CAN-SPAM Act of 2003 while the FBI is pursuing criminal charges. The group sent spam advertising male enhancement herbs and other items using a botnet estimated at 35,000 computers, and able to send 10 billion emails per day. The Federal Trade Commission monitored the group's finances and found that they had cleared $400,000 in Visa charges in one month alone."

Of Spammy Ring...

[smitty_one_each (243267)]

"Of spammy ring"
In the shower we sing,
While suds we fling,
Cleanshaven chin bring...
Burma Shave

Three Rings

[plover (150551)]

Three Rings spamming the Elven-kings for Cialis to buy,
Seven for the Dwarf-lords to refinance their home of stone,
Nine for Mortal Men lacking in size,
One for the Dark Lord reading his pr0n
In the Land of Mordor where the Spammers lie.
One Ring to spam them all, One Ring to find them,
One Ring to fleece them all and in their greed bind them
In the Land of Mordor where the Spammers lie.

Re:Of Spammy Ring...

[smitty_one_each (243267)]

Well, the process involves some doggerel and typing...
But the real point is to escape briefly the election season.

Re:Of Spammy Ring...

[aproposofwhat (1019098)]

Some doggerel we pen
Despising both men
If McCain wins, what then?
Vietnam Shave

Myanmar-Shave

[tepples (727027)]

How can you make a Burma Shave joke on Slashdot, where most of the users were born at least a decade after the last sign came down?

Besides, the name of the country has changed since then:

DON'T BE
A SLAVE
IN LABOR'S MAW
WHEN YOU CAN WORK
FOR TATMADAW
Myanmar-Shave [satirist.org]

Re:Myanmar-Shave

[ta bu shi da yu (687699)]

Only if you are a military junta. Most of the rest of the world still calls it Burma.

New York Times Manual of Style says...

[patio11 (857072)]

Myanmar is the preferred usage, Burmese is acceptable, and to remind readers it was once called Burma when appropriate.

I will refrain from the obvious Times-bashing jokes.

See also: http://www.slate.com/id/2191002/ [slate.com]

Jeez you people...

[JustNiz (692889)]

just stop buying stuff advertised by spam already.

Re:

[religious freak (1005821)]

No kidding, almost enough to make me consider going into spam as a business... ok, not really ... but 400K/month?!

Re:Jeez you people...

[ari_j (90255)]

I want to punch every one of those assholes who buys products advertised by spam e-mail in his face. I've been saying for years that, if the supply of gullible idiots with credit cards dried up, the spammers would reduce their efforts drastically.

Re:

[moderatorrater (1095745)]

Quit being a douchebag. Did you see the part where they're capable of sending out billions of emails per day? That they cleared $400,000 in a month? Do the math. If they used .1% of that capacity, it's not even pennies per email. In a way you're right that people should stop sending money to spammers. However, at the numbers we're talking about, people with IQ's less than 75 alone could make these schemes profitable.

Re:Jeez you people...

[antic (29198)]

And those people are not going to be reading Slashdot. That's why I'm surprised that the government and ISPs have not cooperated to mount a branded effort to discredit spam (risk of stolen credit card, product not showing up, etc) and educate the masses.

If spam is a burden for ISPs (extra bandwidth, plus complaining users) surely they'd jump on board a campaign if a government or organised group could provide good educational materials.

We watch awkward anti-piracy spiels in cinemas before movies, why couldn't ISPs incorpoate anti-spam messages into their sites, marketing material, bills, etc?

Re:

[rtb61 (674572)]

It is pretty obvious that the campaign to discredit spam has succeed, did you not pick up on "Mega-D botnet -- named after one of its pill products -- was made up of 35,000 computers and could send 10 billion e-mail messages a day". The botnet is now necessary to send spam upon any significant basis, otherwise their ISP will suspend their account and if their ISP fails to do this, then the ISP will finds all of it's email blocked.

The botnet represent criminal activity that goes far beyond sending spam and

Re:Jeez you people...

[amRadioHed (463061)]

And if pig's could fly...

The OP's point was pointless. An astoundingly small percentage of the population responds to Spam. There is no way imaginable to magically stop every single ignorant, insecure, chump with a credit card from using it for herbal penis pills.

Re:Jeez you people...

[by Anonymous Coward]

And if pig's could fly...

The OP's point was pointless. An astoundingly small percentage of the population responds to Spam. There is no way imaginable to magically stop every single ignorant, insecure, chump with a credit card from using it for herbal penis pills.

We could lace the herbal penis pills with cyanide. Then they'd only buy once.

Re:Jeez you people...

[Ihmhi (1206036)]

You could use spam "Super Brain Cleaners - they make you SMARTER!"

They come in .22, .357. and ultra deluxe .50 sizes.

Re:Jeez you people...

[jimmyhat3939 (931746)]

The thing that confuses me is there are less than 10B people in the world. So.....

Re:

[coinreturn (617535)]

Okay, the $400K/month was all from me. But you should see the size of my penis now. (Actually, you can. Just look out the window; I'm blocking the sun with it.)

Re:Jeez you people...

[master5o1 (1068594)]

Maybe to apply for a credit card, instead of beiing age>=18*, there should be a gullible test.

*
If age >= 18 then can get a credit card;
else only with parental consent.

Re:

[amRadioHed (463061)]

The problem is why would the credit card companies want to do that? The only people the credit card companies don't want to give credit to are people who can't pay their bills, gullible or not.

Re:Jeez you people...

[jcr (53032)]

Maybe to apply for a credit card, instead of beiing age>=18*, there should be a gullible test.

There already is. The consumer credit companies want the most gullible customers they can find, so they can hit them with double-digit interest rates.

-jcr

Re:

[Nefarious Wheel (628136)]

Maybe to apply for a credit card, instead of beiing age>=18*, there should be a gullible test.

Did you know that the word "gullible" was omitted from the most recent version of the Oxford English Dictionary? Fact.

Re:Jeez you people...

[thetoadwarrior (1268702)]

Sorry but you, on your own, will find a cure for AIDS which involves duct tape and a toothbrush before you get rid of the idiots that buy things from spam email.

Re:

[ari_j (90255)]

Slashdotters don't have a lot of motivation for curing STDs, or you would have got the Informative mod instead of just Funny. However, I did manage to cure my carpal tunnel syndrome with spare condoms and breath mints. And I'm probably not the only one here.

Re:Jeez you people...

[fermion (181285)]

The supply will never dry up.

Look at the current banking crisis. Bankers, realtors, appraisers, all conspiring to convince some gullible idiot that he or she can afford to not only buy a house 3X their yearly income, but said house would become a magic money machine. The ARM mortgage would be no problem because the laws of conservation no longer existed, and the double digit growth in value would continue forever, and the house could be sold at a profit at any point.

Then there were the gullible idiots who bought the magical risk free packaged investments based on the magical mortgages. These magical financial instruments were another guaranteed trove of never ending money generation.

Of course, like spammers, the only people who made money were the criminals, and, like spammers, should be in jail.

The flaw in your logic is easy money is that only thing that makes people stupid faster than easy sex. Tell people that a magic fairy will give them money, and most will believe it. That is why our presidential candidates primary sources of income, alcohol and gambling, are so lucrative.

Re:

[zippthorne (748122)]

Um.. there's nothing wrong with buying a house that's 3x your yearly income.

The main problem is using the house itself as collatoral for the loan. It makes houses appear to be worth more, which then allows bigger loans to be secured, and so on...until the whole thing comes tumbling back down.

But you should be able to pay off a mortgage of 3x your current yearly income in twenty or thirty years, with nothing more than work, sweat, tears, and work.

Re:Jeez you people...

[halcyon1234 (834388)]

I've said it before, I'll say it again:

1. Bust a couple spam rings
2. Sieze the customer list
3. Send each customer a free sample of cyanide-- labeled "Viagra"
4. The market dries up

Less customers means less money flowing to scummy companies. Less money flowing to them means less money being given to spammers. No money in spamming means people stop spamming.

And for the inevitable and snarky "here's why your idea won't work list" post to follow: I know that it isn't legal. That's why your hire a plausible deniability, like a merc company, to do it for you. Geez.

Re:

[GWBasic (900357)]

I've said it before, I'll say it again: Bust a couple spam rings Sieze the customer list Send each customer a free sample of cyanide-- labeled "Viagra" The market dries up Less customers means less money flowing to scummy companies. Less money flowing to them means less money being given to spammers. No money in spamming means people stop spamming. And for the inevitable and snarky "here's why your idea won't work list" post to follow: I know that it isn't legal. That's why your hire a plausible deniability, like a merc company, to do it for you. Geez.

Facist! That reeks like something that would happen in Nazi Germany.

Send them LSD instead!

Re:Jeez you people...

[shotgunefx (239460)]

Hear hear!

I look at the spam and I get and I think why would anyone respond to this crap? Porno aside, why would anyone think it's a good idea to buy medicine, products or anything else from some shady stranger?

The other surprising with this story, is that efficiency aside, it seems that the makers actually included an attempt at a shoddy (and probably dangerous) pill. I would have just guessed they used sawdust. LOL

Re:

[gilgongo (57446)]

just stop buying stuff advertised by spam already.

"Jeez" yourself - the days when spam was about selling stuff ended about 5 years ago. Sure, it may look like they're selling meds or something, but it's much more likely to be just one step in a bigger plan they're running.

Really - if it was as simply as following the money then do you think we wouln't have nailed spam by now?

Re:

[1u3hr (530656)]

Really - if it was as simply as following the money then do you think we wouldn't have nailed spam by now?

When have police even tried to "follow the money"? The amounts in each case are far below the threshold for them to take in interest. Only in a very few cases, so rare that they make headlines, do they make even a token effort to investigate. And maybe one or two spammers a year get charged. The FBI apparently thinks it's more important to have agents pretending to be teenage girls to entrap lonely

Re:Jeez you people...

[volsung (378)]

I've seen a number of "Chinese factory" spam emails. These tend to be Chinese companies which specialize in things like engine parts, motors, giant inflatable fabric store displays, etc. I would classify these as gullible merchants who are desperate to find American customers, and have been convinced that spam is the way to do it. The hit rate for industrial water pump spam has got to be even lower than drug/herbal enhancement spam....

Re:Jeez you people...

[liquidpele (663430)]

You miss the point. Spam almost never makes money from the products it spams, it makes money from the stupid businesses that actually pay money for the spammers to do their dirty work. Such businesses are usually illegal or scams, but the point is that the actual spammers don't care about the products, they just get paid for sending the emails.

Re:Jeez you people...

[Phroggy (441)]

why would a company pay spammers to send out emails if it doesn't make them money?

You're forgetting Rule #1: spammers lie.

The company believes that the spammer has been very successful in the past with their double-opt-in targeted marketing campaigns and the spammer's other clients have been very satisfied, because that's what the spammer tells them. They don't find out the truth until after the spammer has been paid.

Re:Jeez you people...

[_Sprocket_ (42527)]

why would a company pay spammers to send out emails if it doesn't make them money?

I'm glad you asked. You see... I was once like you; confused and uninformed. I worked a 9-5 dead end job. But then I discovered the miracle of "unsolicited guerrilla electronic advertising" and made millions! Wouldn't YOU like to be like ME?!

For the first time ever, I'm willing to let you in on the secrets to my success with my spr0cket-Style Spam Success Strategy. To keep this offer exclusive, I have to charge you $2000 for the kit. But you'll make that back in the first HOUR of working at home, as you learn to apply the spr0cket-Style Spam Success Strategy!

I will even throw in a 3month supply of Herbal Pants Enchancers absolutely FREE. Could I afford to do this if my system wasn't successful?

Order today.

We got mentioned!

[MavEtJu (241979)]

An international spam ring with ties to Australia, New Zealand, China, India, and the US is in the process of being shut down.

China: > 1 billion people.
India: > 1 billion people.
USA: > 300 million people.
Australia: > 21 million people.
New Zealand: > 4 million people.

But the most important thing, we got mentioned!

This won't solve anything

[by Anonymous Coward]

Your post advocates a

( ) technical (x) legislative ( ) market-based ( ) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which used to vary from state to state before a bad federal law was passed.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
(x) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
( ) The police will not put up with it
( ) Requires too much cooperation from spammers
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business

Specifically, your plan fails to account for

( ) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
(x) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
( ) Asshats
(x) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
(x) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
( ) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook

and the following philosophical objections may also apply:

( ) Ideas similar to yours are easy to come up with, yet none have ever
been shown practical
( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
(x) We should be able to talk about Viagra without being censored
( ) Countermeasures should not involve wire fraud or credit card fraud
( ) Countermeasures should not involve sabotage of public networks
( ) Countermeasures must work if phased in gradually
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
(x) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
(x) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough

Furthermore, this is what I think about you:

(x) Sorry dude, but I don't think it would work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Exxxcellent

[ohtani (154270)]

Hopefully this will turn out to be excellent news if they can indeed keep these folks shut down and away from continuing their spamming.

My concerns though are the 35,000 computers being used to spam. How long before they're found again. Or maybe they already are being all used by others. Is there any way of getting these machines repaired or otherwise reported to their ISPs? I figure if they have stats on how many machines, they have info on the machines themselves. Heck if they're setup to "receive updates" for software or holes or whatnot, maybe a nice white hat hacking to "update" the software so it self destructs the wide open hole and patches exploitable holes so they're safe?

Re:Exxxcellent

[totally bogus dude (1040246)]

There are lots of hacked computers and ISPs just don't have enough resources to contact every user, convince them that there really is something wrong with their PC (most users would see it as an annoying intrusion at best, and insulting at worst), and then walk them through fixing it. Maybe governments could step up here and provide funding for ISPs to perform this function, so it would become a profitable exercise and therefore something ISPs would want to actively engage in. That then raises the question of how much money taxpayers would be willing to put into such a scheme. A lot of people will argue that it's a waste of money because most computers are in other countries so it won't make any difference to spam etc.

How does this work, exactly.

[blhack (921171)]

Does anybody know how exactly this spam works?

Say I own a widget company...i want to sell my widgets!! I know of this thing called "internet" that a lot of people are using, and decide that I need to utilize it to sell my widgets.

Do I just google for "email marketing"? Do I contact an advertisement agency?
Is there ANY sort of legitimacy involved in spam trafficking?

Do these spammers operate like real live businesses? Can I demand statistics on penetration from them? Do they have offices with receptionists and accountants and shitty corporate art?

Re:How does this work, exactly.

[WK2 (1072560)]

Do I just google for "email marketing"? Do I contact an advertisement agency?

Try it. You can find some places pretty easy after googling "email marketing".

Is there ANY sort of legitimacy involved in spam trafficking?

Short answer: no. Long answer: yes, but only if you define "any" broadly and "legitimate" loosely.

Re:How does this work, exactly.

[CorporateSuit (1319461)]

In the business world, direct email marketing is not considered "intrusive" or "invasive" by the hoards. It might be frustrating to entry-level programmer or minimum-wage Pete, or even Upstart-Business-Guy to get offers from other businesses, but for people who rely on knowing what's new and what's available to make proper decisions and get their jobs done, direct marketing is the first attempt at bridging the communication gap between two companies and starting a successful/profitable business relationship.

It's typically the undirected, consumer mailing and scamming that have given email marketing a bad name; i.e. 3nl4rg3 t3h pen-fifteen. Though, from an outside standpoint, even those are less time-intrusive than television commercials, but oddly not from a social acceptance standpoint.

However, direct email marketing businesses are like the used-car dealerships of today. Most of them are very shady folk selling nothing but rusted nuts and bolts. There are good ones out there that the Fortune 1000 companies rely on as their latest thousand-man rolodex, but you have to do your homework to find them.

Good thing there's a money back guarantee...

[Chapter80 (926879)]

Who's buying these male enhancements? As I mentioned earlier today, read your guarantee carefully...

If you still have a small penis, simply get a notarized note from your doctor stating it is so, and you can get your money back!

My favorite recent scam (not TFA mentioned above), as reported in the press [cincinnati.com]:

Warshak told him that customers seeking a refund should be required to get a notarized statement from a doctor certifying that their penis had not increased in size.

Fines for those in NZ

[The Ancients (626689)]

$200,000 fines are being aimed at three of the offenders here in New Zealand:

http://computerworld.co.nz/news.nsf/news/8D970CCB86C6155ACC2574E200636699

Re:Fines for those in NZ

[tulmad (25666)]

A $200k fine for people involved in a business doing $400k/month in transactions. Yup, that'll teach 'em!

Re:

[jefu (53450)]

When I clicked on "buy this" from a penis enlargement spam the other day (just out of curiosity), the price was $200+. So thats only 2,000 customers.

Where do they get the crap that they sell?

[isaac338 (705434)]

In all seriousness, how do these people stay in business? Are they just charging and not delivering any product? If not, where are they getting the shit that they're selling?

And why can't some authority just make a purchase and then trace where the money's going to track them down? Is selling this pseudo-medical crap and prescription drugs even legal?

Jail time?

[Reality Master 201 (578873)]

Please, please, please, please, please, please!

Running a botnet's gotta be a jail time worthy offense, right?

Before we get too excited...

[damn_registrars (1103043)]

Have they really accomplished much here? If we RTFA (I know, we don't do that here on slashdot), there is a lot of hype and not a lot of clear progress. It looks like about half of the article is information that spamhaus already likely has. And if the botnet was ordered shutdown by an IL court, I'm not sure what use that would likely be.

Sadly spammers are like the Hydra

[99luftballon (838486)]

Yes, in the short term this might cut spam rates a little bit, but others will step in to fill the gap. The only way to stop spam is to educate people not to buy from it and the industry has been trying that for years.

Like all security problems meatware is the biggest fail point. People are just plain dumb a lot of the time, especially when they think they can get rich quick or get a bigger penis or set of breasts.