
Trojans, zombies, bots... whatever you call them, spammers are using them, and in large quantities. There are simply too many variations to list them all, but the most important initial uses of trojans to support spamming, such as the Sobig worm, are covered here.
Spam trojans present a serious difficulty to most anti-spam efforts. They provide a fresh supply of IP addresses to avoid blacklists, and can be used for many applications that a spammer needs: DNS; web hosting; proxying mail; sending via ISP mail servers. The list is long and challenging, and there are no easy answers.
Operation Spam Zombies - www.ftc.gov/bcp/conline/edcams/spam/zombie/
The Rise of the Spammers - www.infosecwriters.com/text_resources/pdf/spammers.pdf
Spammer Using Over 1000 Home Computers as DNS - www.circleid.com/posts/moving_target_spammer_using_over_1000_home_computers_as_dns
Hackers May Profit From Spam - www.adimpleo.com/top/spam_hacker.html
Trojans as Spam Robots/Trojaner als Spam-Roboter - www.heise.de/english/newsticker/news/44879 - also in German
Who's Spamming Who? Could it be You? - www.ftc.gov/opa/2004/01/zombiespam.shtm
Bots & Cybercrime - securityresponse.symantec.com/avcenter/cybercrime/bots_page2.html
Increasing Spam Threat from Proxy Hijackers - www.spamhaus.org/news.lasso?article=156
Sobig.a and the Spam You Received Today - www.secureworks.com/research/threats/sobig/
Sobig.e – Evolution of the Worm - www.secureworks.com/research/threats/sobig-e/
Sobig.f Examined - www.secureworks.com/research/threats/sobig-f/
Who wrote Sobig? - spamkings.oreilly.com/WhoWroteSobig.pdf
Year of the Beagle - www.infectionvectors.com/vectors/year_of_the_beagle.htm
Reverse-Proxy Spam Trojan – Migmaf - www.secureworks.com/research/threats/migmaf/
Botnet Eavesdropping: Inside the Mocbot (MS06-040) Attack - www.eweek.com/c/a/Security/Botnet-Eavesdropping-Inside-the-Mocbot-MS06040-Attack/
Symantec list of spam trojans - search.symantec.com/custom/update/query.html?filter=vir&qt=spam
SpamThru Trojan Analysis - www.secureworks.com/research/threats/view.html?threat=spamthru
The Medbot menace - www.ameinfo.com/105378.html
Atrivo Shutdown Hastened Demise of Storm Worm - voices.washingtonpost.com/securityfix/2008/10/atrivo_shutdown_hastened_demis.html
Warezov botnet rises from the grave - www.theregister.co.uk/2008/10/16/warezovs_second_coming/
CBL-observed Effects of the McColo Outage - cbl.abuseat.org/mccolo.html
Srizbi spam botnet in failed resurrection - www.theregister.co.uk/2008/11/26/srizbi_returns_from_dead/