Re: [Asrg] Spammer proxies using legitimate mail relays

On Feb 15 2005, George Ou wrote:
> According to this article http://www.spamhaus.org/news.lasso?article=156,
> spamware has improved its capability to avoid black listing by using the
> legitimate outbound SMTP servers of its infected victim.  As a result, an
> increasing amount of spam is coming from legitimate mail gateways.
> 
> Does anyone have more detailed information on spamware and how it manages to
> do this?  Does it steal SMTP server configuration information from the

If a trojan or spyware/spamware is installed on a user's Windows
computer, then it can do everything a user can do. The actual details
of how it's done don't matter, because you can never fully protect
against that sort of abuse.

All a program has to do is to move the mouse and simulate keyboard
typing and then it has all the privileges of a user. If a password
needs to be typed repeatedly, it can be intercepted and saved. Or the
program can just wait for the user to type in credentials, and then
hijack the mouse and keyboard. Other methods are simply programming
shortcuts.

The only limit is how smart the black hats are, and that depends on how
much they are getting paid to write the spamware.

-- 
Laird Breyer.

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg