Compromised Home Computers Used To Hide Spamvertised Sites
from the getting-worse dept
There have been plenty of stories about how spammer and hackers have been teaming up to install trojan horse programs on thousands of home computers, but it's been a little unclear what some of them are being used for. There are stories of how they're being used as open proxies to send out spam, and others where the computers are actually hosting porn or other spamvertised content. The latest scam is that the trojans are being used to confound tracing tools to track down where a spamvertised site is hosted. One popular anti-spam technique is to track down the location of spamvertised sites and get them knocked offline. By making it impossible to determine the actual IP address of the site, it means that spammers can host the sites at popular hosting sites (even the most "antispam" ones around) and not worry about being kicked off. The article also points out that spammers are getting nastier with things like this because out of work hackers - who used to hate spammers - are being drawn by the reports of spam money.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
huh?
[ link to this | view in thread ]
Re: huh?
[ link to this | view in thread ]
Re: huh?
The bit that is not explained in the article is how the proxies know the IP number of the real site. I suspect that there is a central point somewhere which distributes these to the proxies.
I would think that there is a method of finding the real site in some cases (e.g. if the real site is hosted by Yahoo). For the real site to be invisible it needs to be set up so that it accepts requests only from the proxies. This means that the the spammer would have to have access to the HTTP server's access control lists. This would not be possible at most hosters. Therefore I suspect that the real site (at the real IP) will appear on Google.
[ link to this | view in thread ]