Sunday, May 07, 2006

Spam Wars

Well it was just too good to be true. There have been quite a few reports (apparently all citing one source called memhacker) in the last week that self proclaimed "Spam King" Alan Ralsky had been arrested by the US Department of Justice on fraud charges. Mr. Ralsky was supposedly picked up and was being held under a sealed indictment. The spam and botnet underground as well as the hacking community were in fear of Mr. Ralsky making a deal with the Federal Government in an attempt to garner a reduced sentence or outright immunity (a distinct possibility since Ralsky is already a convicted felon). But the Department of Justice and the Detroit FBI field office said it just wasn't true. Too bad.

Think about it: Ralsky is a convicted felon who has served three years probation on bank fraud charges, and has a lot of people very angry at him because he epitomizes the sleaze of the spam world. I wonder why he is still living in Detroit (in fact several posters noted passing his house in Detroit, apparently a modest one story affair in a blue collar neighborhood, despite Ralsky's reputed millions in span earnings).

I took a quick look at http://www.spamhaus.org/ to see if Ralsky was still registering as a 'top' spammer. Nope. It appears that Russian criminals (operating oddly enough out of ISPs in the US and China) are apparently the big spammers these days. Leave it to the Russians to corner the market on anything illegal.

For obvious reasons, several Israeli firms have adopted a counterpart role as spam policemen. I sometimes wonder if there isn't a supply-demand conspiracy given the massive Russian immigration to Israel in the past decade. My favorite company is antispam firm Blue Security which operates an antispam service which punishes junk-mailers by spamming them back. Blue Security’s "Do Not Intrude" program allows individuals to register their e-mail addresses with the company and essentially flood spammers who send them e-mail with automated opt-out requests. All evidence indicates that spammers really, really hate being spammed.

Spammers hate being spammed so much that they are fighting back. Blue Security's service was knocked off-line by a spammer called PharmaMaster who used a combination of methods to knock out the company’s Web site and the servers hosting its services. The attacks that crippled Blue Service were preceded by PharmaMaster sending out threatening e-mails to subscribers of the Do Not Intrude Registry, warning them of even more spam if they did not withdraw their subscriptions. PharmaMaster then appears to have gotten someone at a major ISP to block Blue Security’s IP address on the Internet’s backbone routers via a process called black-holing. Traffic to the company’s main Web site dropped from the usual 100 hits per minute to about two per minute in less than an hour -- and nothing at all from outside of Israel. At almost the same time, massive distributed denial-of-service (DDoS) attacks were launched against the dedicated servers that provide Blue Security’s antispam service. The servers, located at five separate hosting provider sites, were bombarded with up to 2GB of traffic per second, rendering them inaccessible.

There is justice though. Jeanson Ancheta, a 21-year-old southern California hacker, was sentenced just this week to 57 months (almost 5 years) in prison for using an automated program to hack into some 400,000 PCs and infect them with pop-up generating adware. In 2004 and early 2005,when Acheta was still a minor I might add, she used a customized "rxbot" Trojan horse program to build a "botnet" of compromised PCs, on which he installed ad-delivery programs from two companies: Quebec-based Gammacash, and LOUDcash, which has since been acquired by adware giant 180solutions. Today's kids! Can't live with em, can't lock 'em up ... oh, wait. I guess you can lock 'em up.

It's a jungle out there. I'm going to look into a signup with Blue Security's service. It may not be a clear winner, but it does make me feel all warm and fuzzy inside.

1 Comments:

Anonymous Anonymous said...

Pharmamaster needs to be hanged. Simple as that.

5:23 AM  

Post a Comment

<< Home