EVER WONDERED what is the source of those bogus Viagra spam emails which flood your Inbox irrespective of your gender? Well, be informed that these are not originating from any individual who has accidentally stumbled upon your email id and created a database, but are part of large networks, intriguingly termed “Botnets”! Some of the well-known botnets are Grum, Lethic, Kelihos and Rustock.
The advent of Botnets and the sometimes nausea-inducing spam that floods your computer has given rise to a new breed of entrepreneurs, ‘spam slayers’. And if you have recently noticed a sharp drop in the amount of pharmaceutical-related spam that hits your computer, it is thanks to a concerted exercise by spam slayers and computer security experts who, together, brought down Grum, one of the world’s largest botnets, believed to be responsible for about 18 billion spam messages sent out every day, according to a report in the New York Times.
For the uninitiated, a botnet is a collection of internet-connected computers whose security defences have been breached and whose control has been relinquished to an unknown party. Each such compromised device, termed a “bot”, is created when a computer is infiltrated by malicious software. The controller or architect of a botnet is able to direct the activities of these compromised computers through command-and-control channels built on standards-based network protocols such as IRC and HTTP.
Computers can be co-opted into a botnet when they execute malicious software. This can be accomplished by luring users into making downloads, exploiting web browser vulnerabilities, or simply by tricking users into running a Trojan horse program, which may arrive as an email attachment. Typically, these are messages that entice unsuspecting users into traps such as “your email id has won $500,000 …”, or emails which appear to have originated from a known contact but have no body or content and, once opened, apparently do nothing!
So don’t fall for such emails, since they typically “install” malware that allows the computer to be commanded and controlled by the botnet’s operator. The term “botnet” can technically refer to any group of computers, but it is generally used to mean a collection of computers that have been “recruited” by running malicious software.
Last Tuesday, computer experts coaxed internet service providers to cut off the botnet’s command and control servers in Panama and the Netherlands, delivering a major blow to Grum. The botnet’s architects were quick to respond by setting up new servers in Russia instead. These were traced by US- and UK-based security firms, who worked with the local service providers in Russia to shut down the servers that controlled the infected machines.
Security experts are now confident they have stopped the Grum botnet in its tracks. Not much is known about the financials involved in running botnets, but we are assuming that a considerable amount of money changes hands, considering that they send billions of messages out every single day. Lot of hard work, huh?
Countries such as Russia, Panama and Ukraine, which were supposed to be safe havens for “bot herders” so far, are being persuaded to extend cooperation. Of late, tech companies such as Microsoft and Symantec have upped their efforts to attack and take on the botnets head-on. With all these bot-fighters we truly hope to see an Inbox which has more relevant messages than simply ‘irresistible’ email offers!
prashant.vadgaonkar@hotmail.com