Spammers release virus to attack Spamhaus.org]

[Dave Farber <dave () farber net>]

Delivered-To: dfarber+ () ux13 sp cs cmu edu
Date: Mon, 03 Nov 2003 07:17:27 -0500
From: Rich Kulawiec <rsk () gsp org>
Subject: Fwd: [linford () spamhaus org: Spammers release virus to attack
 Spamhaus.org]
To: dave () farber net


[ Anyone thinks that the spam problem can be seriously addressed
in any way other than permanently removing spammers (and their supporters,
including the rogue ISPs which continue to service them) from the Internet
is living in a fantasy world.  ---Rsk ]

----- Forwarded message from Steve Linford <linford () spamhaus org> -----

> From: Steve Linford <linford () spamhaus org>
> Newsgroups: news.admin.net-abuse.email
> Subject: Spammers release virus to attack Spamhaus.org
> Date: Sun, 02 Nov 2003 20:56:59 +0000
>
> FOR IMMEDIATE RELEASE
>
> Spammers release virus to attack Spamhaus.org
>
> A new virus released by spammers on Saturday 1st November is infecting
> computers worldwide, and this time the purpose of the virus is to attack
> www.spamhaus.org, www.spamcop.net and www.spews.org. The W32/Mimail-E
> virus is the latest in a string of viruses, each one released by
> spammers for the purpose of creating a vast worldwide zombie network of
> spam-sending machines and building an attack network consiting of
> hundreds of thousands of virus-infected zombie computers with which the
> spammers then attack anti-spam organizations.
>
> W32/Mimail-E is designed to infect millions of computers causing them to
> each begin making overwhelming amounts of bogus requests to
> Spamhaus.org's web server, www.spamhaus.org, and also attacks the web
> servers of www.spamcop.net and www.spews.org.
>
> Spamhaus began coming under massive distributed Denial of Service (dDoS)
> attacks in July 2003, soon after the release of the SoBig.E virus and
> the Fizzer virus. In June Spamhaus stated that spammers had now moved
> >from simple spamming through open proxies to actually manufacturing and
> sending out viruses to create a network of spam proxies, infecting
> hundreds of thousands of mainly home-user machines on broadband (ADSL)
> lines.
>
> Fizzer (W32/Fizzer-A) in particular is a wide-spread worm which spreads
> by emailing itself to contacts in Microsoft Outlook and Windows address
> books. The purpose of Fizzer is to install a minature web server (which
> the spammers then use to host "make-penis-fast" web sites on) and a DoS
> attack tool specifically for attacking anti-spam organizations. In
> August and September 4 anti-spam systems were forced into closure under
> overwhelming dDoS attacks that hit them for weeks at a time.
>
> Spamhaus itself was subjected to the same intense dDoS attacks for 3
> months but survived thanks to its large distributed network capable of
> absorbing attacks. Still, expecting more attacks, and with no
> intervention by Law Enforcement, in mid September we moved the Spamhaus
> web site behind an anti-dDoS device known as iSecure supplied by Melior
> CyberWarefare Defence (www.ddos.com) and can therefore now withstand the
> waves of dDoS attacks.
>
> Spamhaus does know the two groups of spammers and teenage crackers
> behind the dDoS attacks, and we know the same groups are involved in the
> creation and sending of the viruses. We know who and where they are and
> will be releasing our information on them in a week's time to focus
> press on them in order to speed up their apprehension.
>
> --
>   Steve Linford
>   The Spamhaus Project
>   http://www.spamhaus.org
>

----- End forwarded message ----- 

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/