Davey Winder's Blog

Srizbi spambot rises from ashes, then burns and crashes

By Davey Winder in Editorial

Posted in Blog, Spam, Security on November 27, 2008 at 1:05 pm


Six months ago, the Srizbi botnet was big news. Indeed, I reported that it was responsible for as much as 46 percent of the spam being seen by one monitoring outfit. Then, just last week here at IT Pro I was ranting about how spammers were in a world of hurt courtesy of the takedown of a single web hosting service thought to be responsible for enabling as much as 75 percent of the spam on the planet. Indeed, a week ago things looked good for the spammed majority with 70 percent less spam flowing through cyberspace.

But a week is a long time in spamonomics and a recent prediction that things would soon start getting back to normal for the spamming minority seems to be playing out. Not least thanks to the disturbing news that the Srizbi spambot has risen from the ashes once more.

According to FireEye security researchers, Srizbi has been spotted updating its bots with a new binary, which is bad, bad news for everyone else. As that earlier prediction stated, the new command and control servers appear to have been established in Eastern Europe, with the domain registrations handled in Russia and the servers themselves located in Estonia.

Apparently, a built-in domain generation mechanism has enabled this relatively quick recapture of the bots by the Srizbi operators, despite the devastation of the McColo takedown just a couple of weeks back: bots that lose contact with their hard-coded controllers compute a fresh set of fallback domain names from an algorithm carried in the binary and try those instead, so whoever registers the right names first gets the botnet. That cuts both ways, since anyone who reverse engineers the algorithm can compute the same names in advance and register or block them before the operators do.
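To make the fallback mechanism concrete, here is a toy domain-generation algorithm and the defender-side precomputation that goes with it. This is an added example written for this page, not Srizbi's real algorithm and not code from FireEye; the seed, the hash construction, the TLD list and the date window are all assumptions chosen for illustration. The point it shows is that bot and operator need no communication to agree on the day's candidate domains, and that the same property lets a defender who has recovered the seed enumerate every name the bots will try.

```python
"""Toy domain-generation algorithm (DGA) plus defender-side precomputation.

Added example for illustration only. This is NOT Srizbi's algorithm: the
seed, hashing scheme, TLD list and domains-per-day are assumed values.
"""
import datetime
import hashlib

# Assumed values for the toy algorithm.
SHARED_SEED = b"toy-seed-not-srizbi"   # secret shared by bot binary and operators
TLDS = ("com", "net", "info")
DOMAINS_PER_DAY = 4


def dga_domains(seed: bytes, day: datetime.date, count: int = DOMAINS_PER_DAY) -> list[str]:
    """Return the fallback domains a bot would try on `day`.

    Each name is derived from SHA-256(seed || YYYYMMDD || index). The first
    12 hex characters become the label and two more pick the TLD, so names
    look random but are reproducible by anyone holding the seed.
    """
    names = []
    date_bytes = day.strftime("%Y%m%d").encode()
    for i in range(count):
        digest = hashlib.sha256(seed + date_bytes + bytes([i])).hexdigest()
        label = digest[:12]
        tld = TLDS[int(digest[12:14], 16) % len(TLDS)]
        names.append(f"{label}.{tld}")
    return names


def precompute_window(seed: bytes, start: datetime.date, days: int) -> dict[str, datetime.date]:
    """Defender side: once the seed is recovered from the binary, every
    domain the bots will try over the next `days` days can be computed
    ahead of time and registered (sinkholed) or blocklisted."""
    table: dict[str, datetime.date] = {}
    for offset in range(days):
        day = start + datetime.timedelta(days=offset)
        for name in dga_domains(seed, day):
            table[name] = day
    return table


def flag_dns_queries(queries, seed: bytes, start: datetime.date, days: int):
    """Match observed DNS lookups against the precomputed window.

    Returns (normalised_name, day) pairs for names that belong to the DGA.
    """
    table = precompute_window(seed, start, days)
    hits = []
    for q in queries:
        name = q.lower().rstrip(".")   # normalise case and trailing dot
        if name in table:
            hits.append((name, table[name]))
    return hits


if __name__ == "__main__":
    window_start = datetime.date(2008, 11, 20)
    today = datetime.date(2008, 11, 27)
    bot_candidates = dga_domains(SHARED_SEED, today)
    # Constructed DNS log: one benign lookup and one lookup of a DGA name.
    observed = ["www.example.com", bot_candidates[0] + "."]
    for name, day in flag_dns_queries(observed, SHARED_SEED, window_start, 14):
        print(f"{name} is a DGA domain for {day}")
```

The practical lesson is in `precompute_window`: a DGA buys the operators resilience against a single hosting takedown, but only until someone extracts the seed and algorithm, after which the race for each day's domains is decided by who registers first.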

The good news, sort of, is that breaking news suggests the Srizbi resurrection could be short lived: the Estonian servers have reportedly all been taken offline. The bad news is that one IP address, registered in the Cayman Islands but pointing at servers in Germany, still appears to be live, for now…


 

By Davey Winder in Editorial

Posted in Blog, Security on November 24, 2008 at 1:58 pm


Who says crime does not pay? Certainly it cannot be the criminals who are apparently raking it in as the honest and hard-working amongst us suffer at the stamping feet of a recession. A new report from Symantec suggests that crooks are enjoying boom times as far as the underground economy is concerned.

How much enjoyment would that be? How does a total value of goods advertised during the last 12 months on underground economy servers in excess of


 

Spammers are in a world of hurt

By Davey Winder in Editorial

Posted in Blog, Spam, email on November 20, 2008 at 12:58 pm


I once wrote that “Spam is annoying, resource consuming, malware driven and often offensive” and I still hold that opinion. There was a time a few years back when I would have said that spammers, viewed as an industry, were immortal: it simply could not be stopped. Now, I would simply say that spammers are vulnerable.

In October I noted that the once King of Spam was dead as the Storm Botnet had apparently stopped producing any spam at all. Of course, having been around this business for a long time now, it was obvious that the death of one player does not equate to the death of the industry. Indeed, I warned at the time that there were “plenty of young pretenders ready to wear the junk mail crown.”

The interesting thing is how recent events have played out. It was reported just last week that the takedown of a single web hosting service, thought to be responsible for enabling as much as 75 percent of the spam on the planet, had left spam pretty much dead in the water. Indeed, during the first 12 hours following the pulling of the McColo Corp plug, spam volumes did drop dramatically, with as much as 70 percent less volume being recorded by the likes of MessageLabs.

What is more, one week on, and spam volumes have still not returned to the same levels as before the takedown. Things really are not smiley and happy in spam-land right now. Shame.

You just cannot downplay the importance of the McColo spam factor, it hosted the command and control infrastructure for three of the world


 

Xmas shopping sucks and costs business big bucks

By Davey Winder in Editorial

Posted in Blog, Internet, e-commerce on November 18, 2008 at 1:26 pm


With the holiday season fast approaching, many of us are starting to consider doing the Xmas shopping. For an ever increasing number of people that means avoiding the high street crowds and high street prices by heading online instead. Unfortunately, while the shopper is saving money the same cannot be said for the employer if that shopping is done on work time. A new set of surveys reveals that the average cost to business this Xmas could be as high as


 

Windows 7 scales to 256 processors

By Davey Winder in Editorial

Posted in Blog, Windows, Microsoft on November 15, 2008 at 1:20 pm


Mark Russinovich is a cool guy. He also happens to be a Microsoft Technical Fellow and Windows Kernel guru. Best of all, he has been talking at length (some 45 minutes or so) to the MSDN ‘Channel 9′ network about what’s inside Windows 7.

Sure, news about Windows 7 has been leaking like crazy especially now that early versions are available for free.

But this is different, this is not speculation, this is someone who really knows his stuff spilling the technical beans about Windows 7.

Now that’s where everyone’s ears should perk up, mine did. Especially when it got to the bit about how the reworking of the ‘dispatcher lock’ in Windows 7, with the single global spin lock replaced by finer-grained locking, means that the OS can scale to a whopping 256 logical processors. He goes into some technical detail about how bottlenecks have been removed to make this possible.

I mean, what geek could not be seduced by the lure of a forthcoming Windows Server 2008 release that supports 256 logical cores? Must be a possibility, considering that it will be a Windows 7 based upgrade. About bloody time as well, after all 32 core limits are so 20th century.

There is not a lot of point in me just trying to explain all this in highly technical detail, in text, when Russinovich does a perfect job in person. Seriously, if you care about this stuff it is worth sacrificing 45 minutes of your life to view the video. And I wouldn’t be saying that, I wouldn’t be pointing you away from IT Pro for goodness sake, if it wasn’t so!


 

How fast is your firewall?

By Davey Winder in Editorial

Posted in Blog, hardware, Security on November 12, 2008 at 11:30 pm


I am informed, admittedly by way of the company that makes the product in question, that a new firewall is delivering “record-setting performance” to the enterprise segment. The PR bunnies for said company assures me that the FortiGate-620B multi-threat security appliance “sets new performance records with 16 Gbps firewall and 12 Gbps VPN throughput.” Which begs the question, how fast is your firewall?

I have to admit that it is not something I have lost a great amount of sleep over, to be fair. But then again I have not got a gigabit-switching infrastructure to worry about, so I do not have to consider internal network segmentation points with gigabit-per-second links. Yet it seems that this level of requirement is starting to escape from the expected boundaries of the high-end enterprise and firmly into the SME marketplace with increasing frequency. So maybe it is just as well that security vendors are thinking about affordable appliances that manage to break into new performance territory, that can pack a 24 port density punch and introduce security-specific ASIC network processors previously reserved for truly high-end products only. The headline figures are worth reading with care, though: vendor throughput numbers are typically measured with large packets and with deep inspection features switched off, so the rate an appliance actually sustains with a realistic traffic mix and full content inspection enabled can be a fraction of the datasheet number.

Indeed, Fortinet CTO and co-founder Michael Xie is adamant that what is needed is a “strategy to drive higher price/performance and port density into our products in order to bring high-end enterprise-level features to a broader enterprise segment.” Not least because firewalls must evolve to survive in the dynamic enterprise technology landscape where threats are ever changing.


 

Spamonomics

By Davey Winder in Editorial

Posted in Blog, Spam on November 10, 2008 at 3:37 pm


Bloody hell. No wonder there is so much spam. No wonder there is so little success in stopping the evil trade. No wonder criminal gangs have turned to creating and controlling spambots as an easier and less risky way to make money than trading in drugs or prostitutes. Just take a look at the economics of spam, or spamonomics if you prefer.

US researchers working out of the University of California, Berkeley as well as UCSD have revealed that all it takes for a spam operation to turn a profit is one response for every 12.5 million spam mails sent. That bears repeating: a response rate of 1 for every 12.5 million spams distributed is enough to make a profit. Not just a ‘little over break even’ kind of bottom line, but millions of pounds a year in profit. Such is the scale that your average spamming business works to.

The researchers were able, effectively, to hijack an operational spam network in order to make the discovery. Over the course of a year, the seven researchers were able to closely monitor the workings of the infamous Storm botnet by creating a series of proxy bots to control just shy of 76,000 hijacked computers on the botnet. These were then used to route fake spam campaigns and analyse the results coming in to the fake pharmacy site they set up for the purpose.

Don’t panic, the team did not actually flog anything but instead idiot punters attracted by the spam were presented with an error message if they were stupid enough to get their credit cards out.

Apparently, the researchers sent a total of 469 million spam messages during a one month period, most of them looking to promote the fake pharmacy although some mimicked the way Storm attempts to infect user machines and assimilate them into the botnet collective.

The response, after 26 days, was actually less than 0.00001 percent. That is 28 sales from 350 million spam emails sent. Compare and contrast to a genuine direct mail campaign which would average around 2 percent conversion rate. Yet, the researchers say, this was enough to produce a revenue of around


 

Obama and McCain: hacked?

By Davey Winder in Editorial

Posted in Data Protection, Blog, Security on November 6, 2008 at 2:55 pm


It seems that during the course of the now decided US Presidential Election campaign, covered with intense scrutiny by global media, one tech focused story didn’t make it out into the open until now.

Not the whole Obama is a Tech God thing, be it Obama on the Xbox 360 or iPhone Obama or Obama the Twitter King. What’s more, it was not even the McCain is a lamer by comparison stuff.

Nope, I am talking about the tale of the election campaign computers of both Barack Obama and John McCain being hacked. Newsweek is reporting that both systems were victims of “a sophisticated cyberattack by an unknown foreign entity” which led to an FBI investigation earlier in the year.

The story reveals how, during the summer, Obama’s tech experts detected what they took to be a phishing attack. But far from being a simple expedition for credit card numbers, it was worse: the FBI and Secret Service, visiting the campaign headquarters the following day, warned that the computers had been compromised and that “a serious amount of files have been loaded off your system.” Newsweek claims that the White House Chief of Staff confirmed this with Obama campaign chief David Plouffe the following day, also issuing the ‘real problem’ warning.

But Obama was not alone, it would appear, as McCain’s campaign computers had also been compromised in August and the FBI were investigating that as well.

As I understand it, the motivation behind the attacks is most likely to be a sophisticated play at getting advance intelligence on the policy positions of both camps in order to have an advantage with the 44th President of the USA when it comes to any negotiations in the future.

The story leaves more questions than it provides answers, unfortunately. We don’t know whether the campaign networks were compromised at the web server level, at the email server level, on a single machine, or what. The campaigns are remaining quiet regarding their security, and it is doubtful that position will change.

All that we do get to learn, is that the Obama campaign admitted to plugging security holes found and that the ‘foreign entity’ might have been China or Russia. Hmmm, no s*** Sherlock!


 

   