Massive spam campaign hits Yahoo Groups, LiveJournal |
 |
By Robert Westervelt, News Editor
23 Jul 2009 | SearchSecurity.com |
|
|
|
| SearchSecurity.com: |
| To get security news and tips delivered to your inbox, click here to sign up for our free newsletter. |
|
|
|
|
Researchers at security vendor AppRiver are tracking a massive spam campaign using hosting space on message boards hosted by Yahoo, Google and LiveJournal. The spam technique is less popular than using bots to deliver messages, but security researchers say it appears to be having success in this campaign.
The spam campaign started about three days ago and has increased to a rate of 1 million messages per hour, said Troy Gill, a security analyst with AppRiver. Spammers are taking advantage of the free file storage, hosting their images and links on the websites, Gill said.
"They don't have to go out and collect computers to use as a botnet or rent space on a botnet," he said.
|
| Spam techniques: |
3FN.net ISP shutdown interrupts spam campaigns: The shutdown of 3FN.net disrupted the Cutwail Botnet and may have reduced global spam volumes by 15%. But spam levels are expected to increase to pre-shutdown levels, experts say.
Video - Economy fuels malware, spam: Dave Marcus of McAfee's Avert Labs, breaks down the threat landscape and explains why spam numbers are rising and malware writers are taking advantage of the down economy. |
|
|
|
|
The spam technique allows the spammer to bypass security controls using an automated account creation process, which possesses some CAPTCHA-breaking ability, Gill said. They then set up a free email account at Hotmail or Gmail to send out their messages with the hosted links.
Most of the messages from the latest campaign are coming from free Hotmail accounts, Gill said. Yahoo Groups also appears to be hosting the most image files and links. The services allow the spammer to piggy-back on the good reputation of Yahoo, thus avoiding being blacklisted by antispam software, Gill said.
While the spam technique is a tiny fraction of overall spam – spam from botnets comprises 90-95% of total spam on average – security researchers have been tracking the use of automated tools to set up hosting accounts to send out spam for several years. Spammers don't have to create their own tools. They can buy automated software on Web hacking forums that help them latch onto the free hosting services and even set up free email accounts to send out their unwanted messages with little technical expertise.
Last year, spammers set up Google Docs accounts to store spam images and links. They take advantage of Google's nearly limitless storage capacity and high bandwidth, which can handle the traffic generated from a spam campaign. Spammers are used to playing a cat and mouse game with hosting providers like Google, being shut down one day only to reappear on another free hosting provider days later, Gill said.
Gill said spammers don't take up too much storage space, since they don't have to store many images. Instead, they are detected when the hosting provider discovers an abnormal increase in traffic.
"The reaction has been kind of slow, as far as people reporting the abuse directly," Gill said.
|
|
|
|
