- Re: Neighbor Tanning Nude 2050
- Posted by Nick FitzGerald on August 1st, 2003
<null@zilch.com> wrote:
The binary didn't make it to my ISp's news server, but anyway, it is part of
a very widespread Usenet spamming of Spybot -- a few thousand such copies have
been posted to (mainly to alt.binaries.* and especially alt.binaries.*erotic*
and alt.binaries.*picture*) newsgroups over the last few days.
--
Nick FitzGerald
- Posted by null@zilch.com on August 1st, 2003
On Fri, 1 Aug 2003 22:04:42 +1200, "Nick FitzGerald"
<nick@virus-l.demon.co.uk> wrote:
Since McAfee also alerted I did send a email to the abuse address
given in the header.
Art
http://www.epix.net/~artnpeg
- Posted by Frans Meijer on August 2nd, 2003
On Sat, 2 Aug 2003 12:43:41 +1200, "Nick FitzGerald"
<nick@virus-l.demon.co.uk> wrote:
Notifying the listed abuse address may help to get such a host cleaned up.
- Posted by Nick FitzGerald on August 3rd, 2003
"Frans Meijer" <nimmer@fenke.xs4all.nl> wrote:
Yes, it may, but the point is that these "storms" of backdoors and droppers
that regulrarly hit the binaries/erotica groups (and sometimes others too)
are sent through what is most likely a veritable "army" of compromised
machines. Remember, some of the bot nets comprised of self-spreading agents
have been clocked in the 40,000 - 120,000 size range, so there are is
clearly a great deal of scope out there for compromising machines and
getting your bots or agents onto them.
By all means complain to the abuse addresses, but in cases like this please
don't imagine that it is doing anything to dissuade the actual process or
the real Usenet spammer behind it (the odds are exceptionally high that s/he
will have moved on without so much as noticing, and in the time it takes for
you to get network access for one machine s/he may try to return to, another
5,000 (?? 50,000, whatever) equally chronically insecure machines will have
been added to Internet...
--
Nick FitzGerald
