Spamzy

I was reading the Symantec State of Spam report for August and I thought this was funny and tragic– email spam targeting alcoholics and other users, and advertising rehab services. Users click the link allegedly for a rehab program, enter their personal information — and instead of getting help, they get scammed.

The report says:

July 2008 saw the emergence of rehab spam. Subject lines have included

- Get help today with Drug Rehab Info
- Overcome Alcoholism today
Spammers are constantly trying new tactics to try and coerce recipients into opening a
spam message so that they can obtain personal information from end users. In this particu-
lar example, they are trying to target individuals who are not in good health, in the hopes
that they will act on this spam message and give away their personal details.

Read the full August State of Spam report here.

See the rest here:

MaxAntiSpy is a new rogue anti-spyware program targetted at the Russian market. This parasite is essentially a corrupt spyware remover, which uses trojans, such as Zlob, to enter the system. MaxAntiSpy uses misleading advertising (popups, fake system notifications, falsified system scan reports) to create a reason for the user to purchase it’s “licensed version”.

MaxAntiSpy is a scam and should be treated as such: do NOT download or buy it and block MaxAntiSpy.com using your HOSTS file.

Original post:
MaxAntiSpy

AntiSpyControl is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo, to enter the system. This parasite uses misleading advertising techniques (displaying popups, fake system notifications, falsified system scan reports) to get the user to purchase it’s “licensed version”, which is as fake as the trial.

AntiSpyControl’s homepage, AntiSpyControl.com, provides no useful information whatsoever, including no contact details and uses an illegitimate payment system. AntiSpyControl is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

See the original post:
AntiSpyControl

Dizan is a virus that spreads through infected files. Once executed, the parasite secretly installs itself to the system and runs a payload. It searches all local drives for executable files and infects them. It also opens a back door providing the attacker with unauthorized remote access to the compromised computer. Dizan can overwrite essential system files with copies of itself. The virus automatically runs on every Windows startup.

More:
Dizan

Robert Scoble has some interesting commentary this morning about the number of photojournalists with expensive gear covering the Olympics.

He’s a bit indignant that so much energy goes to sporting events like the Olympics rather than more important news that isn’t getting reported around the world.

This is in a year when tons of journalists are getting laid off.

This is in a year when there are tons of stories around the world that aren’t getting reported on.

Could we take half of those photographers and send them to Russia, for instance

Reminds me of a feeling I had back in college as an undergrad student studying social sciences and humanities, about the way my friends who were physicists interacted with the world. They were so awed by the stars, Mars, astrophysics, and it seemed to me interesting but altogether unimportant. They argued they may find something outside our planet that could help solve Earth-bound problems like disease, or find the origins of earth and humanity — but really they were doing it because they loved it. One of my friends had a good argument, though — there are enough people right now that we can specialize in what we care about, and there will still be others covering other topics. He could be a physicist and look into the universe’s origin, while I studied social interaction and writing, and our other friends looked into solving cancer or eradicating invasive plants in the native wetlands. We have to specialize, and there are enough of us to do it too.

I think it’s the same way in journalism — whether it’s sports, celebrity journalism, or coverage of politics and war, there are a lot of opportunities right now for journalists. Of course the business model is changing, and some old-schoolers won’t know how to roll with that, but generations change slowly; we’re learning.

Also, the Olympics is seen as more than a sporting event, it’s also a symbol of world competition and cooperation too — a way for countries to come together and share entertainment globally. I think that’s worth covering.

In the second post, Robert Scoble says there are plenty of great journalists but the public doesn’t care. In some ways I have to agree with that, but I don’t think it’s negative, necessarily. I had a conversation with someone the other day about world news reportage. He says, “I was just reading this story, but what does it matter to me if there’s a flood in some city in another country I’ll never visit and some farmer lost his sheep?” World news is only important when it’s relevant, so it’s no wonder that many people don’t care — if they don’t know much about the area, and it doesn’t affect them, they have no incentive to give it full attention. You can call that apathy, but I think it’s an important selectivity skill that humans have. We have to choose what to give priority to, so if nothing stands out as being particularly important, we just ignore it or gloss over it. Human nature…

Also I think the common person today just gets desensitized and doesn’t know where to turn their energy, when surrounded by so many crises. Either you focus on one specialty and do your best to work toward one cause in your life — and maybe that’s just in the course of your daily work — or you become a complete Attention-Deficit-Disorder case and bounce from one problem to the next, without knowing how to solve anything. That just causes a sense of bewilderment, despair, and either that bogs you down or eventually you get desensitized.

There’s a commenter on Scoble’s blog, Spencer, who talks about this generation’s apathy. There are so many people who want to blame today’s generation or the young generation for this “apathy” that they sense. But I see it as a survival mechanism that arises from the way information flows these days. We’re surrounded by crises, everyone wants us to know about them — the water shortage, global warming, death in Iraq, the national deficit. Okay, crisis, I get it. But no one gives a real clear idea on what any individual is really supposed to do to solve the problem. You can’t get involved with one global cause, without ignoring all the others, and if you do get involved it’s likely to become your life’s purpose. Most people are concerned with other things — their families, their work, personal development, their homes and futures, and really that’s enough to take up all their time.

I’m always amazed when I read about the early unionists. Emma Goldman for example, the activist who pushed for the 8-hr workday, and campaigned for free love in the early 1900s when women were still wearing corsets, used to work 16 hour factory days as a seamstress, then lead meetings late into the night. Today we lead cushy lives comparatively–8 hour days, plus commute and lunch, family time, dinner time, gym maybe, sleep… but it still doesn’t seem like we ever have enough energy and time.

What Emma had that most people today don’t, is a community living in the same conditions as herself, with clear goals about what they were campaigning for, and a cause that affected their own daily lives. Today, unionism and local activism is in much shorter supply, in part due to the many people who work fairly comfy desk jobs, and the problem that everyone has his own specialization, works in a cubicle, does his or her own thing. The problems we’re facing today in terms of global warming, global water shortage, aren’t the same kinds of problems that activists have fought for in the past, and there’s no clear road map for how to solve them. Our leaders sure aren’t leading the way.

What we do have, at least, is the Olympics, which is an age old symbol of international cooperation, play and competition…so, uh, go sports! As for full disclosure, I don’t actually have a TV and haven’t watched the Olympics in many years, but I do try taking short showers–does that help?

Originally posted here:

One of my funny moments at Black Rock City last year was meeting a random guy early one morning on deep playa, chatting and finding out we both were involved in IT security. He’d been at the defcon conference just before Burning Man, we talked for just a minute about industry publications and the hacker contests, before getting distracted with shinier things. I’m not going this year but everyone I know is buzzing about BM this year:)

I was just reminded of this randomly just by reading this list of new tools released at the Defcon this year. Sounds like a busy conference, with a lot of hackers who love what they do. Good stuff.

It has become more like a global fair than what most people think of conferences; even the badge is highly unique. I say this because there are so many things to do at DEFCON, other than going to talks, that you could spend your whole weekend looking at the “World’s Largest Boar!” so to speak. One of the CTF (Capture the Flag) contest winners this year actually exclaimed that he only made it to 2 talks in 12 years! I am also one of those individuals who barely get a chance to go to talks and now that the speaker pool is so diverse it’s hard to find all of the “stuff” they release.

Read the list and full article here

View original post here:
New Releases at Defcon

Spamza.com is a website that recently went live, where you can enter someone’s - anyone’s - email address, and they will start getting instantly spammed by dozens of newsletters for which they did not sign up. If you’ve had a sudden increase in spam or suddenly found yourself signed up for a lot of newsletters and mailing lists that you didn’t request, Spamza may be why. You see, the Spamza site runs a script that takes their email address and then Spamza signs them up for those newsletters, without their permission.

Spamza then also encourages their victims to do the same thing to someone else, by sending that target email address several emails that are the spam equivalent of “nyeah, nyeah”, taunting the victim and saying:

“You got spammed!
Get your revenge and spam your enemies at

SpamZa.com will sign up any email to hundreds of newsletters anonymously”

Now, clearly this is pure evil.

But, is it really what it seems?

Let’s think this through.

The Spamza script that runs when you enter someone’s email address signs that email address up for a bunch of newsletter mailing lists.

However, this only works because those mailing lists don’t use confirmed (double) opt-in, which is considered the industry standard for best email practices. This means that they add that email address to their mailing list without first confirming that the owner of the address really wants to be on the mailing list.

Confirmed or double opt-in means that they first send an email to that address asking the owner of that email address to confirm that they really want to be on the mailing list, by clicking a link, or replying to the confirmation email.

(And actually, some of those mailing lists are confirmed opt-in, and did send confirmations when we did our own testing of Spamza - good for them!)

The point here is that the only reason Spamza is able to create the havoc that it does is because people run single opt-in mailing lists, where they grab any email address that comes their way, say “Oh goody! Another subscriber!”, and add it to their list, without first checking that it was a legitimate subscription.

Now, we have been saying for years that running single opt-in mailing lists, even if you are pure of heart, is a wide open security hole, because anybody can sign up someone else. And the response has always been “Oh c’mon, you’re making that up - nobody would actually do that. Who would do that??”

Well, here’s your answer.

Spamza would do that.

Which brings us to our title question: is Spamza really the ultimate spamming weapon? Or, is it the ultimate anti-spammer weapon?

Was Spamza created by some whacko who just wanted to see how much spam they could proliferate on the Internet?

Or was Spamza created by some ardent anti-spammer, who knew that, among other things, all those single opt-in mailing lists would get in trouble for having been duped into unwittingly proving what the email receiving and anti-spam industries have been saying all along: single opt-in is ripe for abuse?

You be the judge - here is what Spamza says about itself:

“SpamZa.com is a website designed to promote newsletters and interesting content. WE DO NOT SEND SPAM. SpamZa will subscribe the e-mail you submit to hundreds of popular and free newsletters. You can leave these newsletter at any time. Simply speaking, you put any e-mail, you click “Spam this email!” and we do the rest. The said e-mail will be registred to hundreds of daily newsletter and receive thousands of e-mails, most of them who avoid the junk filter. The point of this website? To spend as much newsletters as possible to as much people as possible. There are very few things the owner of the e-mail can do: change his e-mail address (but you can re-submit his e-mail), manually unsubscribe hundreds of newsletters (but you can resusbcribe him… if you are really evil) or ignore all the message (it becomes impossible to execute the most basic tasks). In short, SpamZa! is a very mean way to create a lot of problems

SpamZa was created with the idea that spam and newsletters were our friends, not our enemies. Think about it for a second: some people worked really really hard to write interesting newsletters and emails. The least we can do is read it! SpamZa will subscribe any email sent to hundreds and hundreds of newsletters. Furthermore, its algorithm always being under development, you can expect the e-mail owner to make a lot of friends from Nigeria who have a lot of money to give and he can expect to have your Bank of America/Citigroup/eBay/Paypal account suddenly locked with a poorly written email from LOLUGETSCAMMED@PHISINGROFLMAO.com. You know all the newsletters that say “we do not redistribute or resell your email” (but do anyway)? We do the opposite. We get your email known, and pretty well known to as many newsletters are possible. Expect any email entered in our form to receive 100-150 emails per day at the bare minimum, most being able to bypass most junk filters. To use our service, enter any email and click “Spam this email!” and get ready to get spammed. You may enter any email you want but please understand this is very, very mean to use. For maximal efficiency, enter the email every day and re-spam it, so even if the person unsubscribe, he’ll get in again the next day.

SPAMZA DOES NOT SENDS SPAM. SPAMZA TAKES NO RESPONSABILITY FOR THE E-MAIL YOU CHOOSE TO SUBMIT TO OUR ALGORITHM. SPAMZA WAS CREATED TO PROMOTE POPULAR NEWSLETTERS AND NOT FOR SPAM. SpamZa is perfectly legal and respect all anti-spam policies around.

SpamZa is not responsible for any consequences of using its services. SpamZa provides its services in a purely informative manner. The user is solely responsible the email he submits to our engine and algorithm. We are not responsible for any unwanted email from anyone. We do not send unwanted email and do not maintain a newsletter for ourselves. SpamZa is neither affiliated nor associated with any newsletter or website sent from using this service. SpamZa does not approve nor disapprove any email, communication letter or information sent using its service. If you received spam because someone used SpamZa on you, we do not care. If you want to bitch because your email is unusable, we do not care, but please send us your hate mail anyway so we can laugh at it. If you are frustrated about our website, good for you.

PRIVACY
We never reveal the IP of the person who visits our website and submit e-mails, no matter what. We never reveal who subscribed him to SpamZa! and all those newsletters. The victim will most likely never know who subscribed him to this service, making it almost impossible to track the person who subscribed him to so much spam.

To all the little shits that try to take us down by submitting complaints — it won’t work. Stop wasting your time and ours and e-mail us if you got a problem”

[Ed. Note: Ironically, it appears that it did work, as as of noon EST today, the Spamza.com site is down.]

See the original post:
Spamza - The Ultimate Spamming Weapon - Or is It?

If you’ve been reading any tech news sites lately, you’ve probably noticed two distinct trends:

1) Lots of reporting of the storm worm, with sub-stories related to mass hijacks of publicly-owned websites for the purposes of infecting the public’s PC’s with the Storm worm. (With still further subsets focusing on the “Russian Business Network” (or “RBN”) being behind the whole setup.)
2) Lots of arrests, convictions, and imprisonments of large-scale illegal spammers. (Including one murder-suicide of a previously incarcerated illegal spammer.)
3) More raids in Romania of online scammers, predominantly eBay scammers.
4) Lots of arrests and indictments related to the TJ Maxx identity theft incidents from last year.

As with last year, 2008 is proving to be an extremely bad year for illegal spammers.

I define an illegal spammer as the following, which is more specific than CAN-SPAM:

- They don’t care who they send to, or whether they actually ever wanted to hear from them in the first place.
- Further to that point: they actively seek out email addresses of total strangers to start spamming them. They know that these email addresses are not actively seeking to be sent spam. They don’t care.
- They try to get as much deliverability out of their messages whenever they know that their messages are being specifically filtered against (remember: they know these people don’t want the messages in the first place.)
- They spam the same individual numerous times per day. (And in many cases: per hour.)
- They spam urls representing largely illegal or fraudulent websites, selling either fake or counterfeit products, in violation of international law.
- They never opt anyone out, ever, and never honor any inbound communication regarding spamming.
- In many cases, their sites actively filter for any words related to spamming in their email or contact forms. They are well aware that they operate in violation of the law, and the public’s privacy.
- Their “opt-out policy” is to tell anyone who complains to “find your delete key.”

Robert Soloway was just such an individual. He knowingly spammed millions of people, several times per day, promoting “products” which either didn’t work (his so-called “turnkey email marketing solution”) or a variety of other bogus products. He ignored, and then later actively retaliated against any complaints regarding spamming.

Soloway was recently quoted as saying “I can honestly say, even though I’m going to federal prison, for once in my life, I have a focus. I’m very sorry for what I did. I’m hoping people can forgive me.” (source) This is in very stark contrast to previous statements he had made in chat rooms and web forums. e.g.: “I always win … regardless of the judgment amount … losing is not an option, and I never ever, ever have to pay a single cent to anyone.” (source)

Well we now know just how wrong he was.

I’m not going to comment on the Eddie Davidson murder suicide. It was very tragic and ultimately had very little to do with his prior spamming exploits (other than the fact that he escaped from the prison he was sent to for doing so.) What I will comment on is that Davidson was an active and willing informant to the FBI and other law enforcement agencies, something very few press outlets covered. He was already providing lots of information on how stock spamming worked, and was allegedly assisting in the case against his former business partner Darrel Uselton, known to be a rampant, unrepentant stock spammers for years. Jack and Darrel Uselton are both awaiting trial on Sept. 29th and continue to be under investigation by several states and the US Securities and Exchange Commission (SEC). (See the Texas AG’s press release dated July 9, 2008.)

That doesn’t bode well for many spammers, and could also have the ancilliary effect of further damaging Alan Ralsky, currently under a similar indictment in Michigan related to his repeated stock spamming activities, and profiting from stock market manipulation.

There was also the conviction of Michael Dolan relating to his AOL phishing and spamming practices.

All of this is summed up rather nicely in a recent forum thread I was made privy to in the past few weeks.

If You Live In The U.s.a - Please Stop Spamming, It’s just not worth it anymore

gerogeyboy0101
Posted: Jul 16 2008, 03:45 PM

On a roll…
*

Group: Members
Posts: 253
Member No.: 1368
Joined: 21-September 04

I have met online and dealt with many of you throughout the years, and some of you are simply terrific people who got caught up into something a long time ago that used to be innocent and legal, but now has been blown into astronomical proportions of bad.

People all over the USA are going down for illegal activity related to spam. I myself became a target for the IRS and was questioned by the fbi all because I told the truth about the fact that I had received 1099’s from two spammers that had spam lawsuits against them.

Surveillance technology and the Patriot Act and further bills being signed into being are completely destroying liberal, human, and privacy rights for citizens in the united states.

I don’t know if some of you guys realize it but these guys do not close, they do not stop. They take our tax dollars and get paid to sit in rooms and spy and follow leads, and investigate and do whatever it takes to catch whoever they can whenever they can. They are relentless and uncaring. If you’re going to spam and you have to, hey, a man (or woman) has gotta do what they gotta do. But using proxys or botnets or unauthorized access on anyones computer is simply not worth it anymore.

They will put you away for years, no ifs, ands, or buts about it. I’m not trying to scare anyone, Im just saying, be careful, and watch your asses, because they are out to get you 24/7.

The thread contnues with a lot of basically “shrugging” comments about how this has always been the case, followed by general agreement that everybody should be careful not to use their real identities when “doing business”, and then referring to the US as a “fascist” country.

They are all missing the point.

All of these recent arrests are pointing to a rather obvious point: if you commit crimes, no matter where you are or who you claim to be, you will be found, you will be arrested, you will be prosecuted, and you will be convicted. The few times this has not happened, it still results in suspects vastly changing their lives by moving to a completely different geographic location, and setting up whole new identities. If you’re spamming illegally, and especially if that spamming is surrounded by other illegal acts (hacking, hijacking of public computers, infection of public computers, fraud, wire fraud, computer trespassing, unauthorized sale of controlled substances, securities fraud, etc. etc. etc.) trust me: you are going down. Maybe not today. Maybe not this year. But you will.

Regarding the Russian Business Network: this shadowy group are continuing to erode the public perception of the country of Russia. Russian cybercriminals are behind perhaps 90% of the virus-laden emails the general public has been receiving. There are several reports that have linked them to the following:

• Recent attacks against websites and network infrastructure of the country of Georgia, starting at precisely the same moment as the attacks on the ground.
• Spam messages claiming to be from either MSNBC or CNN featuring links to bogus “breaking news” stories.
• Server hijacks and exploits causing them to deliver these same infections.
• Spam for “Canadian Pharmacy”, a known Spamit / Glavmed sponsored property.

And of course there are the less-substantiated claims that they also have been behind spam campaigns and hijacked hosting for a variety of child pornography website operations, and that they were also involved in the cyber-attack against Estonia last year.

Prosecution of whoever is behind this group, especially within Russia, is unlikely. But that’s soon going to become less of a problem since much of their target audience is actually geographically located within the US, as are (it is believed) several of their operatives. Also: a lot of the people who spam on behalf of these Russian groups and individuals (notably Spamit / Glavmed) are located in the US, Canada, and several countries in Europe. Arresting them can cut off a major source of cashflow and infrastructure. It also can draw out further details of where these individuals can be found, and subsequently arrested, if not by Russian police, then by international law enforcement. It’s a pretty small planet, after all.

The cyber-attacks against Georgia have garnered some very widely viewed headlines, and not just in tech publications. This does not help the Russian government in its bid for entry into the WTO. That was previously hindered by the renowned shuttering and resurrection of AllOfMP3.com. (Which now alternately operates as MP3Sparks and MemphisMembers.) It also isn’t doing any favors for Russia in terms of how international law enforcement sees them, which I’m sure is of no consequence to the Russian government anyway. That the recent cyberattacks have gained significant news attention is now raising some questions for other governments: if they can attack Estonia and Georgia, who’s to say they can’t attack a larger western power? Or a specific government, or utility, or financial network? The fact is: they can. Illegal spammers and their supporters have killed off any site which gets close enough to the truth to make them uncomfortable: the KillSpammers forum (which is not completely gone, just on hiatus. ,) spam-court, castlecops, blue frog, etc. They will do it whenever it suits them, or when they feel that the evidence is such that it will cause problems with their cashflow. I don’t doubt that they’d eventually try to attack Citibank, or PayPal, or the US Federal Reserve if it suited their needs at the time.

But that can only keep going for so long. A very bright light has been shone upon the RBN, and they are certainly aware of it. One day, inevitably, something’s gotta give, one way or the other.

In any case, the past two years have made two things abundantly clear:

1) While the process may be slow, law enforcement and the courts do enforce laws against these criminals, and apply penalties resulting in real jail time
2) The public at large is definitely fed up with continually receiving email spam (or really spam of any type.)

The tally so far this year:

• Indicted:
  • Alan Ralsky
  • Scott Bradley
  • Judy Devenow
  • John Bown
  • William Neil
  • Anki Neil
  • James Bragg
  • James Fite
  • Peter Severa
  • How Wai John Hui
  • Francis Tribble
  • Albert Gonzalez, AKA Segvec
  • Christopher Scott
  • Damon Patrick Toey
  • Maksym Yastremskiy, AKA Maksik
  • Dzmitry Burak
  • Sergey Storchak
  • Aleksander Suvorov, AKA Jonny Hell
  • Hung-Ming Chiu
  • Zhi Zhi Wang
  • Sergey Pavolvich
  • An unknown hacker named “Delpiero”

• Arrested:
  • Alan M. Ralsky [but out on bail]
  • Albert Gonzalez, AKA Segvec
  • Maksym Yastremskiy, AKA Maksik

• Convicted and Imprisoned:
  • Robert Soloway
  • Michael Dolan

That’s 25 total. And that’s actually an incomplete total since there were an additional 22 arrested back in April, notably including “Vladuz”, a Romanian cybercriminal behind rampant amounts of eBay phishing attempts. So for 2008 alone, we’re nearing 50 criminal prosecutions against these criminals, and it’s only August.

So I think I would have to agree with ol’ “gerogeyboy0101″ up there: if you’re spamming at all, do us all a favor and get the hell out of “the business.”

SiL / IKS / concerned citizen

Oh and P.S.: anybody notice that a lot of inbound spam purporting to be for VPXL or “Canadian Healthcare” now redirect to the SpamWiki entry for SanCash?

e.g.:

chipadd.com [a king replica site]

now points to:

http://www.spamtrackers.eu/wiki/index.php?title=King_Replica

Hehe. Nicely done, whoever you are.

SiL

Read more:
Some Spammers Are “Getting Out Of The Business”

AntivirusDoc is a new rogue anti-spyware program - a fake spyware remover, which uses trojans, such as the infamous Zlob or Vundo to enter the system. This parasite uses a range of intimidation techniques to get the user to purchase it’s “licensed version”. AntivirusDoc will flood the user with popups and fake system notifications to scare the user he is infected.

There is no reliable information available on the company behind AntivirusDoc or the product itself. AntivirusDoc is a scam and should be treated as such: do NOT download or buy it and block it’s homepage using your HOSTS file.

See the original post here:
AntivirusDoc

WiniFixer is a rogue anti-spyware program. It is, essentially, a fake spyware remover, which uses scare tactics (popups, fake system notifications) to convince the user that he is infected, in hopes that he will buy WiniFixer to dispose of the problem. This parasite usually infects the sytem by using trojans, such as Zlob and Vundo. WiniFixer is a “product” of Pandora Software - a program of highly dubious nature, which is also behind such scams as SpyAway and the recent InfeStop. WiniFixer is a clone of the said two rogues.

WiniFixer is a scam and should be treated as such: do NOT download or buy it and block winifixer.com using your HOSTS file.

View original post here:
WiniFixer