Robert Soloway from Seattle was once consider the eighth largest spammer in the world, now he’s the first biggest loser. He has been arrested and charged with multiple counts of mail and electronic fraud. He also charged with operating a bot-net used to send out spam to a database of 150 million email addresses. Soloway has been in legal trouble before, in fact an Oklahoma ISP sued under the CAN-SPAM act and after firing his lawyer and refusing to show up to court the ISP got the default $10 million dollar judgment. For his crimes he is facing up to 26 years in jail and up to a $625,000 in fines, but since he’s broke that doesn’t really matter. Just goes to show that crime doesn’t pay especially spamming.

F-secure has noticed a trend that more malware is being spread though FTP. As most can remember when viruses and other nasties were spread through email attachments, well that’s be fairly well defeated. Then came the drive-by-downloaders which use http to transfer the infectious payload, that’s been slowing down since browsers have evolved. Now though there is a new way to become infected, through trusty old FTP. How this happens is that a user receives a spam email with some links claiming they have an offer which can’t be refused and as we all know most really can’t refuse it. So the unsuspecting user clicks the link and a ftp connection to some bot-net controlled computer is initiated and some infected files downloaded. So now there is one more thing to scan for in your emails.

I think this is hilarious.
A group of scammers called Mr Brain provide different phising, scamming tools to would be scammers. The reason the groups scripts are so popular are their ease of implementation, some can be done in as little as a minute. So the little script kiddies can just fill in a few details in the script config file and they think their done. The icing on the cake is these very scammers are themselves being scammed. The scripts also have some other code that is encrpyted that sends all the information gathered, back to the Mr Brain group. So these poor startup scammers just can’t get a break as the big guys already drained all the accounts.

Source: Netcraft

According to Symantec

U.S.-based credit cards with a card verification number were available for between US$1 to $6, while an identity” including a U.S. bank account, credit card, date of birth and government-issued identification number” was available for between $14 to $18,

To gain access to the information needed for the sale of identities hackers use a combination of social engineering, maliciously crafted word documents, and any of the zero-day exploits being announced all the time. They then send the word document with it’s dubious payload to unexpecting users. Since it is a word document commonly assumed to be safe and since most email servers don’t block these type of attachments, the user happily clicks on it and all is lost.

• Symantec has a video showing how these attacks happen.
• Macworld has the rest of article on this very scary transaction.
• Symantec’s full white paper on the whole deal here. (warning large pdf)
• Itwire also has this article on more of Symantec’s report.

Today when I logged into my blog I was greeted by a lovely little dialog saying that I currently had 43 new spam comments. This is after not logging in for a weekend. They where all simple two to three word spams all from different ip addresses. The were all on one post so I disabled comments on that post. I think I’m going to find a plugin to automatically disable comments on old posts. If any one knows of one for wordpress 2.1 please let me know. When will the spammers learn that as much as they love to spam everyone else loves to block them.