The Gang Behind the World's Largest Spam Botnet
tsu doh nimh writes "A Wikileaks-style war of attrition between two competing rogue Internet pharmacy gangs has exposed some of the biggest spammers on the planet. Brian Krebs uncovers fascinating information about a hacker named 'GeRa' who is supposedly behind the Grum botnet, which is currently sending about one out of every three spam emails worldwide. The story also points to several possible real identities behind the Internet's largest spam machine."
Priorities (Score:5, Insightful)
MegaUpload: Some people love it, some people hate it. Most of their damage (much of it alleged) is limited to a single industry and affects a tiny percentage of their bottom line.
Global Botnets: Universally hated, with very real damage caused in terms of time spent, infrastructure upgrades, spam filtering, etc., plus I'm sure a lot of that spam is also used for phishing and other activities that cause further damage. It affects pretty much every company and individual with any sort of online presence. I don't have any numbers, but I imagine spam botnets cause damage that's at least an order of magnitude greater than what copyright infringement is even claimed to be (never mind the smaller amount it actually is).
But hey, glad we took down the one that also served legal uses.
Re:Priorities (Score:4, Insightful)
My guess is that the credit card companies that are collecting processing fees for the actual purchases don't mind the extra business.
Re:Priorities (Score:2, Insightful)
The problem is that the scams can use ad-hoc resources cobbled together from infected systems; there is no need to have a permanent domain. People don't need to get there by searching, the spam provides them a link. So shut down the server. Just be aware the server's legal operator wasn't involved and now their sites are down. And the scammers failed over to the next batch of infected systems.
Re:Priorities (Score:2, Insightful)
And who wants to bet that the money trail would lead to places and people that the "enforcers" would rather we not know?
Re:Priorities (Score:5, Insightful)
Spammers can use flux hosting for their websites so this part is not easy to target. Accepting payment, though, is something that's trivial to block -- if there was any will to do so.
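The comment above says the advertised site is hard to target because it sits behind flux hosting. As an added example (not code from the thread or from Krebs' article), here is the kind of heuristic a defender runs over passive DNS data to spot a fast-flux domain: the same name resolving to many unrelated addresses with short TTLs. The domains, addresses and log entries are constructed for illustration, and the thresholds (`min_ips`, `min_prefixes`, `max_mean_ttl`) are assumptions to be tuned against real data.

```python
"""Fast-flux heuristic over DNS resolution observations.

Added example, not part of the Slashdot thread or the article it links.
A fast-flux domain rotates through many IPs in unrelated networks with
short TTLs; a static site or an ordinary CDN does not look like that.
All sample data below is constructed, and the thresholds are assumptions.
"""
from collections import defaultdict
from ipaddress import ip_address

# Constructed observations: (domain, ttl_seconds, A records returned).
# Addresses are from the RFC 5737 documentation ranges.
SAMPLE_OBSERVATIONS = [
    ("pharma-example.test", 120, ["203.0.113.10", "198.51.100.7"]),
    ("pharma-example.test", 90, ["192.0.2.44", "203.0.113.200"]),
    ("pharma-example.test", 60, ["198.51.100.99", "192.0.2.8"]),
    ("pharma-example.test", 120, ["203.0.113.77", "198.51.100.150"]),
    ("static-site.test", 3600, ["192.0.2.1"]),
    ("static-site.test", 3600, ["192.0.2.1"]),
    # A CDN-like name: short TTL, several IPs, but all in one network.
    ("cdn-like.test", 30, ["192.0.2.20", "192.0.2.21"]),
    ("cdn-like.test", 30, ["192.0.2.22", "192.0.2.23"]),
]


def summarize(observations):
    """Aggregate distinct IPs, distinct /16 prefixes and TTLs per domain."""
    stats = defaultdict(lambda: {"ips": set(), "prefixes": set(), "ttls": []})
    for domain, ttl, ips in observations:
        entry = stats[domain]
        entry["ttls"].append(ttl)
        for ip in ips:
            addr = ip_address(ip)
            entry["ips"].add(addr)
            # The first two octets approximate "a different network";
            # real tooling would map to ASN instead (assumption here).
            entry["prefixes"].add(addr.packed[:2])
    return stats


def classify(observations, min_ips=6, min_prefixes=3, max_mean_ttl=300):
    """Return {domain: True} when the domain looks like fast-flux.

    All three conditions must hold, so a CDN that spreads a few IPs
    within one network, or a static site with a long TTL, is not flagged.
    """
    verdicts = {}
    for domain, entry in summarize(observations).items():
        mean_ttl = sum(entry["ttls"]) / len(entry["ttls"])
        verdicts[domain] = (
            len(entry["ips"]) >= min_ips
            and len(entry["prefixes"]) >= min_prefixes
            and mean_ttl <= max_mean_ttl
        )
    return verdicts


if __name__ == "__main__":
    for domain, is_flux in classify(SAMPLE_OBSERVATIONS).items():
        print(f"{domain}: {'fast-flux' if is_flux else 'ok'}")
```

The point of requiring all three signals is the caveat the comment hints at: short TTLs alone describe every CDN, and many IPs alone describe every large site, so a useful detector needs the "many networks" dimension as well.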
Re:Priorities (Score:5, Insightful)
So next time a company will spam in the name of a rival, thus baiting authorities to take it down. Just because they are the ones advertised is no proof that they ordered the advertisement, or, if they did, that they know it's being achieved by illegal spam.
Re:Priorities (Score:0, Insightful)
It shouldn't even be that hard. The spam botnet itself can't be easily taken down, true (decentralised C&C, that sort of thing), but they are using it for pharmaceutical scams. That means the spam is there to promote a website.
More than that: it's not just promoting a website, but trying to sell something, so follow the money.
Re:Priorities (Score:5, Insightful)
Realistically, there is only one way to stop spam and that's to disrupt the money flow between the people that buy products from spam and the spammers to such an extent that it is no longer profitable. That's certainly not going to be easy, but for all its faults SOPA would have provided some of the necessary muscle needed to force Mastercard and Visa to try and prevent payments to known spam operators through its provisions to block financial flow to such sites (its potential use for preventing sales of fake Viagra is why Pfizer is on the SOPA supporters' list). Another avenue of attack is blacklisting banks that can be shown to be processing spam-related payments, especially since research [arstechnica.com] has shown that there may only be a handful of banks prepared to deal with spammers in the first place.
80k sales and $6m in revenue (Score:5, Insightful)
Over a 3-year period, GeRa's advertisements and those of his referrals resulted in at least 80,000 sales of knockoff pharmaceuticals, brought SpamIt revenues in excess of $6 million, and earned him and his pals more than $2.7 million.
...and that's why we will never be rid of spam: because at least 80,000 people are dumb enough to buy boner pills over the internet from someone who spammed their inbox with poorly-spelled sales pitches.
How about stopping the product? (Score:4, Insightful)
If actual products are being shipped (as opposed to pure fraud), then it should be possible to trace the physical deliveries back to their source. Pharmacy products are not e-products. They are physical. So if these products are being marketed through illegal means, and are probably illegal products themselves, then why not follow them back to their source?
At the very least, the govt could make a big noise and say that goods marketed through spam are being seized en route and people will throw their money away if they purchase them.