Thanks for the detailed response, Laird. I was well aware that once malware is installed on a computer, the computer is "owned" by the author of that malware. I'm simply curious about the actual state of implementation that spamware has achieved.
I don't think spamware has gone as far as emulating physical user input.
It hasn't needed to so far, not by a long way. Instead, it will simply
harvest various databases on the machine (Outlook's address book, for
example), then start opening sockets and spewing SMTP.
Not according to the theme of that Spamhaus article. Spamware now sends
email via the user's legitimate SMTP relay which may even have a legitimate
SPF and/or SenderID record.
I'm aware of that.
I'm simply curious if spamware has the ability to steal user passwords "yet", which is somewhat trivial to a good programmer.
The content and immediate destination(s) of the messages spewed in this
manner is pretty much irrelevant, although the engine appears to be able to
do various kinds of replacements and mangling on the message to get it past
content filters. I imagine a lot of the content production work is still
done offline, before a spam run.
The above is just an educated guess, however. I don't actually have any of
this software to hand for examination, nor do I think I want to.
I'd much rather work on the solution than the problem.
Ah, but a solution provider must first fully understand the nature of the
threat in order to counter that threat. Developing a solution based on a
theory is a waste of time if it can't meet real world threats.
--------------------------------------------------------------
from: Jonathan "Chromatix" Morton
mail: chromi at chromatix.demon.co.uk
website: http://www.chromatix.uklinux.net/
tagline: The key to knowledge is not to rely on people to teach you it.

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg