Antispam groups come under heavy DDoS attack

Spammers have been taking over unsuspecting computer users' machines for years in order to send out unwanted e-mails, but recently they have been getting even more aggressive. The SANS Institute (SysAdmin, Audit, Network, Security) recently reported that a large, distributed denial-of-service (DDoS) attack has targeted several organizations that attempt to fight spam: Spamhaus, SURBL (Spam URI Realtime Blocklists), URIBL (Realtime URI Blacklist), and Rules Emporium (the host site for the open-source SpamAssassin program). As of this writing, the Rules Emporium and URIBL are still under attack and are unreachable.

The attacks are similar to last year's DDoS assault on BlueSecurity (makers of the community-based antispam tool BlueFrog) and are believed to be using the same malware to do their nasty work. The software in question is called Storm, which is a trojan distributed as an e-mail attachment. When a user opens the attachment and runs the trojan, it attempts to link up to other infected hosts via peer-to-peer networking. Once a connection is made, it downloads a series of five second-stage executables which set up an SMTP relay, an e-mail address stealer, an e-mail virus spreader, a DDoS attack tool, and finally an updated copy of the Storm Worm dropper. The master component is run from a kernel rootkit driver that embeds itself into Windows' services.exe process.

View: Full Story
News source: Ars Technica

Report a problem with article
Previous Story

Symantec NetBackup Facelift Adds VMware Support

Next Story

Canada, Germany ink clean energy research pact

15 Comments

Commenting is disabled on this article.

hhhmmmm ****ing off a bunch of ppl with botnets, how could that possibly lead to a DDoS attack against you?

the same viruses hackers infect people with to sned out spam are also the same ones they use to take down websites, thats pretty much why anti spam groups go down so often.

The internet was cool until AOL came along and brought millions of monkey-punching, mortgage-refinancing, chain letter-forwarding, minivan-driving dumbasses to it that are gullible enough to believe in penis enlargement pills, home breast augmentation kits, and untold riches given from Nigerian heirs among political unrest. You should have to get an internet license (just like a driver's license) before you sign up with an ISP, so you can be told about these things.

Skwerl said,
The internet was cool until AOL came along and brought millions of monkey-punching, mortgage-refinancing, chain letter-forwarding, minivan-driving dumbasses to it that are gullible enough to believe in penis enlargement pills, home breast augmentation kits, and untold riches given from Nigerian heirs among political unrest. You should have to get an internet license (just like a driver's license) before you sign up with an ISP, so you can be told about these things.

Totally agree.

Keep dreaming.. it got nothing to do with the country but has to do with his inhabitants, meaning people opening trojan-ed e-mails, browsing penis enlarger, free viagra, etc. and so on sites. This will stop once ALL people will understand that not doing the things I've previously mentioned, would reduce the amount of spam someplace close to 0.

Oh, and also, keeping the OS up-to-date as much as possible, having some anti-crap (antivirus, antimalware, anti****ware, etc.) installed. Politicians (at least in my country I know for sure) don't care about this, they have their own agenda, they would rather scratch their nose than do something about spam in general.

I do agree that making some laws that would give them enough years in prison (plus a daily visit from Bubba) would make any spammer think twice before doing something wrong.

Firstly i do not open trojan-ed e-mails, browse penis enlarger, free viagra, etc. and so on sites. so how come i get lots of spam, there are so many other ways spammers get your email and mostly it is not from visiting any site, do some research, cause you are so far from wrong it's scary.

you havent read the laws in ausstralai have you:) they do work and the politicians did actually get it right for once. You can prorbably even look up some stats to show the drop since the laws were introduced. to say it's not the country bu the people is just crazy, people abide by laws, generally, if the laws arent there then they have no reason not to do it beside, people don't like it.

the $10000 odd possible fine for each email sent seems to deter people form doing it, i know because i have in fact reported spam a number of times, and they actually do stuff about it and the laws work.

read it before you knock it, you obviously havent so here it is for you

http://www.efa.org.au/Issues/Privacy/spam.html

if you are all so against spam why don't you write to your politicians and make them do something about it, how much spam do you see come out of australia, NONE. this is because australia made some rather nice laws that stop most if not all of it, all governments shoudl look to australias spam laws to try and rid the world of this ever increasing annoyance

screw spammers! ... they can go screw themselfs... im sure NO ONE is on the spammers side besides the spammers themselfs.

it's not spamming, it's a ddos, totally different although spamming could cause a DDOS if lots of spammers all spam one box at the same time