Graham Cluley, a senior technology consultant for Sophos, said on Wednesday that the increasing use of broadband Internet connections and a general lack of security awareness have resulted in around one in three spam emails being redirected through the computers of unsuspecting users. "There are lots of people on cable modems and broadband connections that haven't properly secured their computer. They don't know it, but their PC is being used as a relay for sending spam to thousands and thousands of other people. We believe that 30 percent of all spam is being sent from compromised computers," he said.
Cluley said that if a RAT is able to get into a PC, an attacker could take full control of that PC, as long as it is connected to the Internet. "They can steal information, read files, write files, send emails from that users name -- it is as though the attacker has broken into the office or home and is sitting in front of that computer," he said.
There is also very little chance that the PC's owner will have any idea their system is being used by a third party, said Cluley, who warned that an attacker could remove any traces of their activity, so that there would be no obvious record: "It is really just network and Internet bandwidth that is suffering -- there is no permanent record left on the PC that you can look up -- you wouldn't see anything if you checked your Outlook sent items folder," he said.
Sophos is also concerned that there may be a connection between the virus writers and spammers. Cluley pointed out that both groups have similar interests and he said he has known of worms that have attacked anti-spam Web sites: "Anti-spam Web sites have been knocked out by these viruses, why is that? We all suffer from spam. Virus writers are either working with spammers or they are the spammers," he said.
Talkback
Hello,
I believe my computer is being used for this purpose. I constantly get returned emails that I did not send. I have Norton System Works. It is updated. I also use Adaware. Neither program is able to find anything. Do you have any suggestions on how I can find and remove this malicious software from my computer? I get a new file about once a week on my desktop entitled "~". I always delete it. Magically, a week or so later, there it is again. Please HELP ME! Thank you for your time and attention to this matter.
Sincerely,
Richard K. Huneycutt, Jr
The simplest solution is to throw out Windows and install Linx or buy a Mac.
re: mr anonymous
Changing OS will not stop the amount of spam you get.
And I quite like having more than 6 games to play on my computer...
Not news ... read here:
http://www.nsclean.com/nws-spam.html
Even more information on the history of these things here:
http://www.nsclean.com/library.html
" I constantly get returned emails that I did not send. "
Me too. This does not necessarily mean your PC is being used as an internet relay - merely that spammers have your email address and are spoofing it into the "From:" field. It is ridiculously easy to do this.
Try dslreports.com - they have forums where much of this is explained. Another good site is spywareinfo.com -they all exist to assist folks in uncovering the latest malware ... I hang out on dslreports, grc.com and a number of other places when I'm off duty.
In answer to your question, the mystery desktop "~" files appear to be the result of MS Office (and its components like "Wurd" and such) coughing up hairballs on your desktop to express their devotion. ("no, body heat" - anyone whose had a cat knows what I mean)). Those are NOT a sign of a "takeover" but merely Billy cuddling up at your lap and purring, extra loud if you purchased "Xpee." :)
Drop by one of the places that have forums on "spyware" ... you'll find folks who can provide free solutions to whatever vexes ya. Folks like me unfortunately have to charge for our software, since we have people whose existence in life is to catch these buggers BEFORE they get out and about.
But there are also free solutions which are a bit more manual in nature - the above will be MOST helpful for any questions you have, and like I said, I'm involved in many of them personally and can assist there. I don't think much is actually going on in your machine. As we set forth in the link I provided in a followup to an article we wrote last September, if you truly HAVE been hobbed, your ISP would be complaining loudly. You know how they get on about the expense of bandwidth, and if your machine were a hog, they'd be knocking on your door about now about it. :)
Rats...Now its time to clean house. You could do a complete reinstall, but first you could have great luck and success, with a program called Spybot. Run a search with google for the program. Download the start spbot . I am sure you'll find many causes for your problems. For your information, i have found many valuable ideas with a news letter called (can i say this?) The Langa List, search and enroll. 1) Spybot "Search and Destroy"
2) The Langa List ... Wishing you well, take care, d
Education, Education, Education!
Perhaps a global effort by all ISP's to their customers could help with this.
I believe ISP's must take some responsibility, as most of the unwanted traffic nearly always originates from hosts(domestic users) connected to their systems.