Hoping to turn the tide on spam zombies, Microsoft has filed suit against entities it said used compromised PCs to send millions of junk email messages.
The company has identified 13 different spamming operations that use such zombies, it said late last week. A lawsuit was filed against unnamed defendants in August. Since then Microsoft has tracked down some of the people behind the operations, said Tim Cranton, director of Internet Safety Enforcement Programs at Microsoft.
"We have identified a number of entities in North America that we feel the evidence will show are liable and culpable for the spamming that occurred," Cranton said.
Microsoft has taken spammers to court before for using deceptive subject lines or are sent from spoofed addresses. The company is now expanding its spam fight to include criminals who hijack PCs to send unwanted email. "We are moving upstream and looking at the source of the spam problem, and it is obviously the zombies," Cranton said.
A zombie is a computer — typically running Windows and connected to the Internet via a broadband connection and without security software to protect it — that has been infected by a Trojan horse or other malicious code and is used remotely to send spam, mount distributed denial-of-service attacks, or other online crimes. A network of zombies is referred to as a botnet.
Zombie PCs have become a serious problem that requires more industry action, the US Federal Trade Commission (FTC) said earlier this year. Microsoft believes more than half of all spam is sent by zombies. The FTC has launched "Operation Spam Zombie" and asked Internet service providers to quarantine zombies and help users clean the PCs.
In its investigation, Microsoft intentionally created a zombie computer. Over a three-week period, the PC was accessed 5 million times by its remote controllers and used to send out 18 million spam messages advertising more than 13,000 Web sites, Cranton said. Microsoft said it blocked the junk mail before it hit the Internet.
"We were startled," Cranton said. "We did not expect the numbers to be that high and were surprised at the large volume of spam through just one zombie."
After the exercise, Microsoft analysed traffic to the zombie and the spam messages it was meant to send out. It compared those with other spam messages captured in Hotmail accounts. The evidence contributed to the lawsuit in which Microsoft has identified 13 different spamming operations.
Microsoft's announcement comes weeks after Dutch police arrested three individuals suspected of hacking about 1.5 million PCs worldwide and turning those into a botnet. Microsoft's effort and the arrests in the Netherlands are just a drop in the bucket, according to Cranton.
"We believe there are tens of millions of zombie computers out there," Cranton said.
Talkback
Thanks Microsoft for finally figuring out that your products can so easily be exploited that well. Let's not get into the thousands and thousands of hints, tips and complaints pointing that out exactly and delivered to you in the many years before that. Geez.
What's next? Please buy our future product to plug this hole? Or can existing customers expect a free update that works, keeps on working and doesn't break too many things?
Also, be very aware that it is thanks to many IRC Operators out there that plenty of botnets have been wiped out plenty times over. If it wasn't for them the botnet problem would have been very larger.
so they think they finally woke up eh i think not ...
Has anyone purchased a new sony music CD recently to play on their computer to then find the computer not doing what it should thanks to a Sony rootkit that is installed under the guise of the DRM shite .. you can bet your bottom dollar that they wont be fixing that problem any day soon will they just keep milking the wallets on legs cus you will all still keep paying for rubbish
and M$ Corp will always ensure there are plenty of back doors in your machines just waiting for the likes of Sony and Co to come crashing thru ..