Terry Zink's Cyber Security Blog

Discussing Internet security in (mostly) plain English
Translate This Page
Common Tasks
Search Form
  • Advanced search options...
Tag Cloud
Monthly Archives
Archives

Wall Street could learn a thing or two from botnets

MSDN Blogs > Terry Zink's Cyber Security Blog > Wall Street could learn a thing or two from botnets

Wall Street could learn a thing or two from botnets

25 Sep 2008 8:48 AM
  • Comments 3

Well, the government is well on its way to bailing out Wall Street from its own incompetence, putting taxpayers on the hook for $700 billion.  The worst part is that as Treasury Secretary Hank Paulson puts it, "You're worried about taxpayers being on the hook?  Well, guess what?  They're already on the hook!"  I read that and said "Aw, crap..."

Anyhow, Wall Street should maybe learn something from botnet operators.  For you see, botnets are not just for sending spam anymore.  The bots have diversified their holdings:

  • Sending spam - botnets curse and plague us with piles of spam in our inboxes every single day.  Spamming is big business and by randomizing the location of where the mail is coming from, spammers can evade reputation filters for a little while.

  • Signing up for webmail accounts - Google, Yahoo and Hotmail all have problems with spammers creating free accounts, sending spam and avoiding each other's reputation filters.  The thing is, it's bots that are creating these free webmail accounts.  So instead of sending spam directly, these bots are doing automated account creation and using a loophole to send spam - that of evading a reputation filter by hijacking someone else's.

  • Creating landing pages - Not only do bots sign up for email accounts, they sign up and create landing pages, like a spammy Live Spaces account or Google Blogspot account.  They break the CAPTCHA's these services have and create the landing pages so that when they do eventually spam, these spam messages have links to free web pages.  Again, it's reputation hijacking.

  • Other nefarious purposes - There are other things that bots do, like engage in cyber-warfare against nations (this happened to Estonia in 2007), DDOS attacks, and so forth.  In other words, bots are used for things other than sending spam.

My whole point in this is that botnet operators have diversified.  They are not just for sending spam so taking out one particular activity doesn't necessarily take them out of the game.

Contrast this with Wall Street.  Clearly, they made some bad investments.  Really bad, like $700 billion worth.  Perhaps if they diversified their holdings a bit and didn't overload in one particular area (like subprime mortgages) they/we wouldn't be in this mess.

Botnet operators may be evil, but they aren't stupid.

Leave a Comment
  • Please add 2 and 4 and type the answer here:
  • Post
Comments
  • Wall Street could learn a thing or two from botnets : EasyCoded
    25 Sep 2008 8:54 AM

    PingBack from http://www.easycoded.com/wall-street-could-learn-a-thing-or-two-from-botnets/

  • Norman Diamond
    25 Sep 2008 7:52 PM

    "Google, Yahoo and Hotmail all have problems with spammers creating free accounts, sending spam and avoiding each other's reputation filters."

    Sorry this overlaps with another comment I just posted, but your statement needs a reply.  Yahoo does not evade Yahoo's reputation filter.  Yahoo blocks Yahoo just like any other spammer.  And just like taxpayers, Yahoo's paying customers are on the hook for it.

  • Norman Diamond
    27 Sep 2008 7:17 AM

    Oh, it gets better.  Yahoo sent a spam from Yahoo to my wife's Yahoo account and delivered it to her inbox.  She complained.  Yahoo sent an automated reply from Yahoo to my wife's Yahoo account ... and delivered their own reply to my wife's spambox.

    When Yahoo decided that the original spam wasn't spam, they attached a header line saying from=yahoo.com; domainkeys=pass (ok).  When Yahoo decided that Yahoo's automated response from Yahoo's abuse box was spam, they attached a header line saying from=yahoo.com; domainkeys=neutral (no sig).

    I wonder if this means that Yahoo is figuring out what Yahoo's reputation is or not.  But they sure aren't giving themselves diplomatic immunity.

    On another topic, there's another botnet operation.  The original spam was submitted through an HTTP connection to Yahoo's web server.

Page 1 of 1 (3 items)