To print: Click here or Select File and then Print from your browser's menu

This story was printed from silicon.com, located at http://www.silicon.com/

Story URL: http://software.silicon.com/security/0,39024655,39122896,00.htm

Spam meltdown brewing in suburbia
Home PCs driving wave after wave of junk email...

By Will Sturgeon

Published: Wednesday 04 August 2004

The number of home PCs compromised and infected with Trojans is increasing, and coupled with the move to always-on broadband connections the situation is playing right into the hands of spammers. And what's more, organised gangs are making money selling on the processing power of compromised home PCs.

'Open relays' enable spammers to effectively 'launder' their emails by sending them through a compromised PC or server - therefore adding a further level of complexity to any 'paper trail' that might lead back to them. According to research from network specialist Sandvine, around 85 per cent of email leaving residential broadband-connected PCs is spam.

Similarly, an army of infected machines - or bot-nets - is being created by viruses such as MS Blast, MyDoom and Sobig, with the potential to harvest processing power for spammers' illegal operations.

And considering IDC claims 44 per cent of PCs in Europe are now in the home, where security and awareness of threat is typically lower, the size of this army could be vast. Home users have been slow to understand threats and many have been remiss in updating or even installing antivirus software which could reduce the likelihood of their conscription into this 'army'.

Answering a reader question for today's 'Security Q&A', Paul Wood, information analyst at MessageLabs, said this power is particularly useful for generating huge lists of potential email addresses.

Wood said: "Spammers will often select a few target domains and then buy up capacity on 'bot-nets' - networks of virus-infected home broadband machines, often controlled by criminal gangs. These mercenary zombies can be hired for as little as $60 for six hours, or $2,000 per week. These bot-nets provide enough combined computing power and bandwidth for them to be able to spam almost every email address imaginable."