Spammers Strike Back!
The war on spam seems to be heating up, this time with anti-spam sites on the receiving end of a distributed denial-of-service (DDoS) attack believed to be coordinated by spammers:
"Spammers have been taking over unsuspecting computer users' machines for years in order to send out unwanted e-mails, but recently they have been getting even more aggressive. The SANS Institute (SysAdmin, Audit, Network, Security) recently reported that a large, distributed denial-of-service (DDoS) attack has targeted several organizations that attempt to fight spam: Spamhaus, SURBL (Spam URI Realtime Blocklists), URIBL (Realtime URI Blacklist), and Rules Emporium (the host site for the open-source SpamAssassin program). As of this writing, the Rules Emporium and URIBL are still under attack and are unreachable."
The software that the spammers are allegedly using is an advanced and particularly nasty trojan called Storm. Storm utilizes P2P technology to download new components and updates after which it works its way into the services.exe file in Windows. The typical list of components that Storm downloads gives a pretty clear picture of how it operates: e-mail address stealer, e-mail spreader, and of course the actual DDoS component. This all works together to steal e-mail addresses and passwords then use them to spread the DDoS portion as well as the Storm downloader itself so the process can start all over again on any PCs it manages to infect. Now might be a good time to make sure your anti-virus and spyware protection is up to date.