You've got spam (very likely from a hijacked computer)
The Flint Hill School, a preparatory academy in Oakton, Virginia, might seem an unlikely place to find an Internet spammer. But late last year, America Online traced a new torrent of spam, or unsolicited e-mail ads, to the school's computer network.
On further investigation, AOL, the Internet division of AOL Time Warner Inc., determined that the spammers were not linked to the school. Instead, a spam-flinging hacker, who still has not been found, had exploited a software vulnerability to use Flint Hill's computers to relay spam while hiding the e-mail's true origins. It was not an isolated case. The remote hijacking of the Flint Hill computer system was but one example among hundreds of thousands of a technique that has become the most common way of sending billions of junk e-mail messages through the global Internet each day.
As spam has proliferated - and with it efforts by big Internet providers to block messages sent from the addresses of known spammers - many mass e-mailers have become more clever in avoiding the blockades by aggressively bouncing messages off the computers of unaware third parties. In the past two years, more than 200,000 computers worldwide have been hijacked without the owners' knowledge and are being used to forward spam, according to AOL and other Internet service providers. Each day, thousands more PCs are compromised at companies, institutions and - most commonly of all - homes with high-speed Internet connections shared by two or more computers. "The spammers have mutated their techniques," said Ronald Guilmette, a computer consultant in Roseville, California, who has developed a list of computers that have been forwarding spam. "Today, if you are trying to do a really mass spamming, it is de rigueur to do it in an underhanded manner."
[ Read more ]
- News: Testers angry over spam-blocking fees (21 May 2003)
- News: Feds prime new antispam weapon (16 May 2003)
- News: Spam attempts to scam Bank of America customers (14 May 2003)
- News: Before friday comes spamday (12 May 2003)
- News: EarthLink sues the 'Buffalo spammer' (8 May 2003)
- News: Is spam behind a cell-phone virus? (5 May 2003)
- News: Best way to stop spammers? Make them pay! (5 May 2003)
- News: Are blacklists killing more than spam? (2 May 2003)
- News: Fight spam with SpamProbe (2 May 2003)
- News: Virginia threatens spammers with jail (1 May 2003)
- News: Go hunting for spammers (30 April 2003)
- News: Rise of the spam zombies (28 April 2003)
- News: Antispam activist claims court victory (9 April 2003)
- Article: Iraq Dragged Into The Infamous 419 Scam (7 April 2003)
- News: Spam pips viruses as biggest web problem (4 April 2003)
- Article: Spam Checklist - April Fool's Day is Approaching (27 March 2003)
- Article: Spam Wars - Rise of the Spam (16 May 2002)
- Article: Spam: The problems with junk e-mail (8 April 2002)
- Article: Mail Abuse Prevention Organization stands up to giant Harris Interactive (4 April 2002)
- Article: The six headed spam monster (1 April 2002)
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.