Another Worm Targets Anti-Spam Sites

kevinvee writes "Yahoo! is reporting about the next battle of Spam Houses versus Spamhauses. This time, its W32/Mimail-L receiving the attention. "It's the third Mimail variation to come after us, except this one is trying to do more," said Steve Linford, founder of The Spamhaus Project. Apparently this reincarnation comes as an attachment offering naked photographs. Once infected, a follow-up e-mail is sent to the user stating that a CD containing child pornography will be delivered to their postal address. "These guys write trojan (viruses), they carry out DDOS attacks and they get their money through selling stolen credit cards and spamming," Linford said."

A new low

[CleverNickName]

I didn't think that it was possible for me to hate spammers more than I already do.

Turns out I was wrong.

hmm....

[frodo from middle ea]

I always though the money making scheme from "Lock stock and two smoking barrels" was very practical and doable..This looks preety similar to that.<P>
In case you don't know what I am talking about, Go see the movie before you mode me down.

Enough is enough

[gxv]

If law enforcements agencies cannot handle the problem it's time for the Wild West solutions. And it seems we have to be the sheriffs. Let's fight those bastards with their own methods. They claiumed OUR network, they use it for their own dirty purposes. And they try to 'kill' those who fight with them. We're the majority. Law & order people! DDoS DDoSers. Kill spammers!

Ok. This is bad idea. But what else we can do?

Re:A new low

[.Bruce Perens]

Now, will the real Bruce Perens please stand up?

Certainly. All you had to do was ask.

Re:A new low

[johnkoer]

I thought you were going to say RIAA, but organized crime works too.

Re:Enough is enough

[musikit]

yes it is a bad idea.

it's the double edged sword. if you go after them you get sued (see SPAM-rage from a couple of days ago) and they get nothing against them.

do what i do. when someone blindly asks you to "fix" their computer install AV, Ad/spy removal SW, and net nanny. you could even go a bit further and install anti-SPAM SW and a firewall. or if your overly zealous remove the administrator right from that user. Or just add a reg key entry to stop outlook, outlook express, and IE from running and replace accordingly with your favorite SW.

congress isn't gonna do squat but as soon as you do something they'll arrest you. so watch your backside.

Re:A new low

[Savage-Rabbit]

Calm down, calm down, spam is not so bad. Why if we eradicate spam just think of all the jobs that would be lost!! All those good people in the electronic mail marketing business (aka. spammers) and the developers that derive a living from anti spam software, the doctors that treat patients who's hearts have begun to give under the constant emotional irritation and anger generated by spam, the drug companies that make their medicine... the list goes on. No spam is an essential component in modern society, it creates jobs, tells us where to look for cheap viagra and it is an invaluabe guide to profitable business opportunities in Nigeria. I ask you sir, how can we live without spam???

Before you mod this down as a TROLL please ask your self:
Whould you know sarcasm if it bit you in the backside?

Re:baseball bat

[Anonymous Coward]

How can I sign up for the beastiality porn emails?

WHY YOUR ANTISPAM IDEA WON'T WORK

[MillionthMonkey]

(Inevitably, in every thread about spam, someone proposes a solution with one or more flaws. This is a handy form that passes the lameness filter and that can be reused for all such posts to save time! It does not specifically address all possible flaws and may be expanded in future versions.)

Your post advocates a

( ) technical ( ) legislative (x) market-based (x) vigilante

approach to fighting spam. Your idea will not work. Here is why it won't work. (One or more of the following may apply to your particular idea, and it may have other flaws which vary from state to state.)

( ) Spammers can easily use it to harvest email addresses
( ) Mailing lists and other legitimate email uses would be affected
( ) No one will be able to find the guy or collect the money
( ) It is defenseless against brute force attacks
( ) It will stop spam for two weeks and then we'll be stuck with it
( ) Users of email will not put up with it
( ) Microsoft will not put up with it
(x) The police will not put up with it
( ) Requires too much cooperation from spammers
(x) Requires cooperation from too many of your friends and is counterintuitive
( ) Requires immediate total cooperation from everybody at once
( ) Many email users cannot afford to lose business or alienate potential employers
( ) Spammers don't care about invalid addresses in their lists
( ) Anyone could anonymously destroy anyone else's career or business
( ) Ideas similar to yours are easy to come up with, yet none have ever worked
( ) Other:

Specifically, your plan fails to account for

(x) Laws expressly prohibiting it
( ) Lack of centrally controlling authority for email
( ) Open relays in foreign countries
( ) Ease of searching tiny alphanumeric address space of all email addresses
(x) Asshats
( ) Jurisdictional problems
( ) Unpopularity of weird new taxes
( ) Public reluctance to accept weird new forms of money
( ) Huge existing software investment in SMTP
( ) Susceptibility of protocols other than SMTP to attack
( ) Willingness of users to install OS patches received by email
( ) Armies of worm riddled broadband-connected Windows boxes
( ) Eternal arms race involved in all filtering approaches
(x) Extreme profitability of spam
( ) Joe jobs and/or identity theft
( ) Technically illiterate politicians
(x) Extreme stupidity on the part of people who do business with spammers
( ) Dishonesty on the part of spammers themselves
( ) Bandwidth costs that are unaffected by client filtering
( ) Outlook
( ) Other:

and the following philosophical objections may also apply:

( ) Any scheme based on opt-out is unacceptable
( ) SMTP headers should not be the subject of legislation
( ) Blacklists suck
( ) Whitelists suck
( ) We should be able to talk about Viagra without being censored
(x) Countermeasures cannot involve wire fraud or credit card fraud
( ) Countermeasures cannot involve sabotage of public networks
( ) Sending email should be free
( ) Why should we have to trust you and your servers?
( ) Incompatiblity with open source or open source licenses
( ) Feel-good measures do nothing to solve the problem
( ) Temporary/one-time email addresses are cumbersome
( ) I don't want the government reading my email
( ) Killing them that way is not slow and painful enough
( ) Other:

Furthermore, this is what I think about you:

(x) Nice try, dude, but I don't think it will work.
( ) This is a stupid idea, and you're a stupid person for suggesting it.
( ) Nice try, assh0le! I'm going to find out where you live and burn your house down!

Re:Revenge?

[The Good Reverend]

I met all the other spammers down here in Boca Raton FL (the american capital of spam).

Why doesn't it shock me that the capital of spam in the US translates to "Rat's Mouth"?