ZDNet UK / News and Analysis / Infrastructure / Networking

Heard of drive-by hacking? Meet drive-by spamming

By Graeme Wearden, ZDNet.co.uk, 5 September, 2002 16:54

Daily Newsletters

Sign up to ZDNet UK's daily newsletter.

Topics

Wireless, Wi-Fi, drive-by spamming, warchalking, adrian wright, secoda risk management, Wardriving

NEWS
The proliferation of insecure corporate wireless networks is fuelling the growth of drive-by spamming, a security expert warned on Thursday. Speaking at the International Security Users Conference in London, Adrian Wright, managing director of Secoda Risk Management, warned that junk emailers are taking advantage of unprotected wireless local area networks to bombard email users with unsolicited and unwelcome messages. "These people simply drive up to a building armed with their pornographic email, log into the insecure wireless network, send the message to 10 million email addresses and then just drive away," said Wright. A drive-by spammer would send spam by finding an unprotected SMTP port on a company's server and then sending email as if they were a legitimate user of the company's network. The mail server wouldn't be able to tell otherwise. The ability to send spam through a company's network without its knowledge could allow the spammer to avoid bandwidth costs -- which can be substantial for tens or hundreds of thousands of emails. It also make sit much more difficult to trace the spam back to the spammer -- a useful tactic for those who send spam as a service for other companies and who may have been in trouble with the law. In April, the US Federal Trade Commission said Tuesday said it had busted dozens of alleged Web scammers in conjunction with law enforcement from six US states and Canada. And in July, six Korean Web sites were fined for bombarding Internet users with spam email. In Europe, a new directive that bans the sending of unsolicited commercial email should be in place some time next year. What's more, many ISPs have no-spamming rules, which the drive-by spammer will be trying to avoid. A company that falls victim to a drive-by spammer could find itself cut off -- any messages sent by the spammer will appear to come from within the company's network, and the ISP will have no compunction closing down the connection until the problem is resolved. Between 60 and 80 percent of corporate wireless networks are insecure, Wright warned, often because IT managers fail to change default settings when they install a wireless LAN. This has already led to the practice of wardriving, where people drive around cities looking for insecure wireless LANs, and warchalking, where hackers drawing a chalk symbol on a wall or pavement to indicate the presence of a wireless networking node. Warchalking signals have been springing up in areas such as London and Silicon Valley over recent months. Opinion is split over how ethical the practice is. Matt Jones, who invented warchalking, told ZDNet UK News recently that one advantage is that it alerts sysadmins to the fact their wireless network is insecure. "I have already had emails from some sysadmins who said they love the idea. Several even said they will print the symbols on a card and put it in their office windows," Jones said. Detractors, though, have warned that warchalking could encourage malicious hackers to break into a company's wireless LAN with the intention of stealing or damaging corporate data. Wright's revelation about the existence of drive-by spammers has flagged up a new downside to warchalking. Wright illustrated that warchalking is alive in remote locations as well as cities by producing a photo of a warchalking signal drawn on a buoy floating at sea. Wright explained that it is possible to get access to a wireless network at that point, because an ISP's point-to-point transmitter onshore is transmitting a high-speed wireless connection overhead. Several wardriving exponents have been pictured using a Pringles carton to detect Wireless LANs. Wright told his audience that a recent competition to find the best wardriving antenna had been won by a can of meat stew.
Discover the latest developments in Wi-Fi, 3G, GPRS and other cutting-edge wireless technologies at ZDNet UK's Wireless News Section. Have your say instantly, and see what others have said. Go to the Telecoms forum. Let the editors know what you think in the Mailroom.

Related stories

Warchalking: London Wi-Fi guerrillas take tips from hobos

Ofcom to make it easier to change broadband service

Google set to build backbone of its 1Gbps fibre network

Nicira reveals network virtualisation details

MPs urge ISPs to take down terrorist material

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your ZDNet UK account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy. Questions about membership? Find the answers in the Community FAQ

Get ZDNet UK's daily newsletter

Enter your email address to sign up

ZDNet UK Live

apexwm

Bill Goodrich : Just as al_langevin pointed out, with Windows Server 2008 there is no Services for Macintosh anymore. It's gone, not available....

5 hours ago by apexwm on Windows Server 2008 drops the ball for Mac compatibility
txtrainguy

Replying to an old topic that I'm currently facing with my CEO (who is on a Mac). Our servers are primarily Windows Servers, office is about...

12 hours ago by txtrainguy on Windows Server 2008 drops the ball for Mac compatibility
k0tcs3

Sure, that makes perfect sense. Pay wrong-doers money and thank them for breaching your security and pointing out your flaws, that would surely...

12 hours ago by k0tcs3 on US indicts Romanian over NASA climate change hack
Random_Error

I think he's referring specifically to Android apps, as Apple do regulate their App Store, but Google seem to let any old crap onto the Android store!

12 hours ago by Random_Error on RIM: BlackBerry will keep 'garbage' apps out of store
Paul Fezziwig

Keep the crap apps out?! How will they compete with Android and Apple's claim to fame of having so many life changing apps? I wonder if the media...

18 hours ago by Paul Fezziwig via Facebook on RIM: BlackBerry will keep 'garbage' apps out of store
Aigars Mahinovs

It has been shown time after time that if there is an author store that sells the songs at even 1$ per song and gives you a high-quality digital...

18 hours ago by Aigars Mahinovs via Facebook on Copyright isn't working, says European Commission
awbMaven

""As a result of Butyka's alleged conduct, researchers were unable to use the computers for more than two months while NASA removed the malicious...

21 hours ago by awbMaven on US indicts Romanian over NASA climate change hack
subhorup

It simultaneously worries me and uplifts me that a self-proclaimed group of internet activists name themselves after Indian mythical figures....

1 day ago by subhorup on Anonymous activists release PCAnywhere source code
naviathan

It's actually far easier to work anonymously on the internet than you think. With tools like Tor bouncing your traffic around the world before...

1 day ago by naviathan on Anonymous activists release PCAnywhere source code
Agnostic_OS

1000272134 and bluedalmatian with you both there but then I'm still in 10.04 land (and happy with it)

1 day ago by Agnostic_OS on Ten factors that make Ubuntu 11.10 a hit
apexwm

Interesting article and definitely see your points on the products mentioned. One of the top products for our Help Desk (approximately 20% of all...

2 days ago by apexwm on Ten flawed products that derail productivity
Paul Hutchinson

Absolutely - this should obviously not be handled my isp - but handled by their hosting operator. What's been suggested here is that my isp police...

2 days ago by Paul Hutchinson via Facebook on MPs urge ISPs to take down terrorist material
Techs UK

Looks like a great phone. I don't notice any deficiencies in WP7. used IOS before, that's pretty good. I don't spend much time in Apps, all i need...

2 days ago by Techs UK on Nokia pins US 're-entry' hopes on Lumia 900
Larry Bloggy

Now with the help of these apps you are always synced with MS outlook while on the move. Just download apps like xobni or outlookreflex and get...

2 days ago by Larry Bloggy via Facebook on Outlook Social Connector beta 2 and the LinkedIn connector
mike40g123

Your details are wrong. The version currently being made is the one with 2 USB ports, 256MB RAM and a network port. This is the Model B. The...

2 days ago by mike40g123 on Raspberry Pi boards set to go on sale
Moley

The thing that has been puzzling me for quite a while is how Anonymous can remain anonymous whilst not only being active on the Internet but also...

2 days ago by Moley on Anonymous activists release PCAnywhere source code
Don Dilly

If what Semantec is saying is rue, that is even worse and shows a complete disregard for thier users. If what Anonymous claims is true and the...

3 days ago by Don Dilly via Facebook on Anonymous activists release PCAnywhere source code
MattChurchy

Didn't seem particularly biased to me either. Oh though you might have mentioned some other competitors with free search and email services...

3 days ago by MattChurchy on Time for an evil umpire: Google, Microsoft & privacy
Simon Bisson and Mary Branscombe

James - exactly as much as anyone paid you for your comment; I don't feel that I need to say that I'm independant and unbiased, but just for you...

3 days ago by Simon Bisson and Mary Branscombe on Time for an evil umpire: Google, Microsoft & privacy
Carl White

Once they realise symantec are willing to pay real money, they will simply keep extorting, unless of course symantec/authorities can use the...

3 days ago by Carl White via Facebook on Symantec offered hackers $50k in source code sting

Latest in Networking

Ofcom to make it easier to change broadband service

Google set to build backbone of its 1Gbps fibre network

Nicira reveals network virtualisation details

Featured white papers

Optimize Application Delivery for Global Deployment Of SAP

Blue Coat Systems

Optimize Application Delivery for Global Deployment Of SAP

Read this white paper to learn how optimising your network can make mobile and remote access to BI tools work, and work well, even on a global... Read more

12 tips for better video conferencing

Citrix Online

12 tips for better video conferencing

Whatever benefit your organisation finds in video conferencing, this Citrix Online white paper shows that while your success may begin with great technology, but it doesn't end... Read more

Three tips for better remote working

Imation

Three tips for better remote working

Is your business transitioning to a more remote workforce? This white paper outlines the three ways to efficiently and cost effectively enable... Read more

Inside ZDNet UK

Cabinet Office: no lobby influence on open standards

Cabinet Office: no lobby influence on open standards

2012 Predictions: VCE FastPath, VI SAN Probe & Hadoop

2012 Predictions: VCE FastPath, VI SAN Probe & Hadoop

BlackBerry Bold 9790

BlackBerry Bold 9790

2012 Olympics: Is your business prepared?

2012 Olympics: Is your business prepared?

Ten factors that make Ubuntu 11.10 a hit

Ten factors that make Ubuntu 11.10 a hit

Toshiba Portégé Z830-10P Review

Toshiba Portégé Z830-10P Review

BT's archive: Pictures from the vault

BT's archive: Pictures from the vault