The Scourge of the Bot Herders
Charles Johnson
Mon Nov 20, 2006 at 3:49 pm PST • Views: 357
If you’ve been experiencing a sudden surge of soul-numbing email spam in your Inbox, here’s the reason. A scary little article at eWeek looks at the huge number of compromised (i.e. virus/worm infected) servers, and what the spammers are making them do: ‘Pump-and-Dump’ Spam Surge Linked to Russian Bot Herders. (Hat tip: Tom.)
The recent surge in e-mail spam hawking penny stocks and penis enlargement pills is the handiwork of Russian hackers running a botnet powered by tens of thousands of hijacked computers.
Internet security researchers and law enforcement authorities have traced the operation to a well-organized hacking gang controlling a 70,000-strong peer-to-peer botnet seeded with the SpamThru Trojan.
According to Joe Stewart, senior security researcher at SecureWorks, in Atlanta, the gang functions with a level of sophistication rarely seen in the hacking underworld.
For starters, the Trojan comes with its own anti-virus scanner—a pirated copy of Kaspersky’s security software—that removes competing malware files from the hijacked machine. Once a Windows machine is infected, it becomes a peer in a peer-to-peer botnet controlled by a central server. If the control server is disabled by botnet hunters, the spammer simply has to control a single peer to retain control of all the bots and send instructions on the location of a new control server.
Frank says: