Tag: botnets

Botnet herder / spam kingpin arrested

Via Krebs on Security, a Russian named Pyotr Levashov has been arrested in Spain. According to news reports (NY Times, Reuters) the arrest happened in response to a warrant issued by the US, but no details were given as to what he was being charged with. The DoJ says the case is currently under seal and will not comment on charges. There is widespread agreement that this person is involved in...

March 2017: The Month in Email

It’s that time again… here’s a look at our last month of blog posts. We find it useful to recap each month, both to track trends and issues in email delivery and to provide a handy summary for those who aren’t following along breathlessly every single day. Let us know if you find it useful too! As always, I wrote about email filters. It’s so important to recognize that filters aren’t arbitrary...

What about the botnets?!

Botnets are a huge problem for a number of reasons. Not only are they used to send spam, they’re also used in criminal activities. One of the major challenges in dealing with botnets is finding and stopping the people who create and use them. Why? Because the internet is global and crime tends to be prosecuted within local jurisdictions. Catching someone running a botnet, or involved in...

Are botnets really the spam problem?

Over the last few years I’ve been hearing some people claim that botnets are the real spam problem and that if you can find a sender then they’re not a problem. Much of this is said in the context of hating on Canada for passing a law that requires senders actually get permission before sending email. Botnets are a problem online. They’re a problem in a lot of ways. They can be...

Whirlwind that is M3AAWG

It’s been a great conference, and it’s only about half done. As is common at these conferences, I write down lots of things we should do and need to publish. The difference is now that we are growing I may have the time to put the polish on them and get them published. Today’s keynote discussed the economics of botnet mitigation. Michel van Eeten from Delft University of...

8 things that make your mail look like spam

In the comments of last week’s Wednesday question John B. asked: Can you elaborate on specifics of “configure machines to not look like spam ware”? There are a lot of things that spamware does that are different from a lot of standard MTAs. Here is a list of things that may make your mail look like it is running spamware to a receiving server. Using weird values for HELO/EHLO, like a bare IP...

Phones part of SMS botnet

Spammers have been moving into the phone market for a long time. Just recently security firms have discovered an Android botnet. This botnet sends viruses over SMS, and when a link in the SMS is clicked, the phone is infected with the virus which then sends more SMS. The technology for blocking and reporting SMS spam is comparable to email blocking technology 10 or 12 years ago. There just...

Scam, Scam, Scam

One of the things that never ceases to amaze me about phishers is how incredibly creative they can be in writing text that encourages recipients to open their emails. There have been two separate incidents recently that inspired me to talk about phishing. The first was watching viruses propagate through my local neighborhood mailing list. I live in Silicon Valley and we do have an email list for...

Anti-Botnet Code of Conduct Published

The Communications Security, Reliability and Interoperability Council (CSRIC) published an Anti-botnet code of conduct for ISPs. This is a purely voluntary code that U.S. ISPs wanting to mitigate the botnet threat can follow. You can download a full copy of the final report from the MAAWG website. The FCC has published a fact sheet about the report on their own website.

Government and botnets

The US government is looking at telling ISPs how to deal with compromised customers and botnets. They’re a bit late to the party, though. Most of the major commercial ISPs have been implementing significant botnet controls for many years now. Control involves a number of different techniques, but notification has been designed into the system from day 1. “There is no need for mandated...
