Next Generation Spam Zombies Will Use Data Mining

branewashd writes "The Globe and Mail is covering some new research on the future of spam. The paper 'Spam Zombies from Outer Space', from researchers at the University of Calgary, will be presented on Sunday at the European Institute for Computer Anti-Virus Research conference. According to the paper, the next generation of spam zombies will employ 'sophisticated data mining of their victims saved email'. When a computer is turned into a spam zombie, it will first be mined of its address book, mail client configuration, and mail archives. Then the spam program will use Natural Language Processing techniques to send spam messages to the victim's contacts that look a lot like messages that the user has previously sent. The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it."

How to kill a zombie

[Ohreally_factor]

The researchers predict that this will be extremely hard to detect, but they do offer a few suggestions for combating it.

You have to destroy its brain, of course [portlandmercury.com].

That's not data mining. It's just copying data

[etully]

Pet Peeve: Data mining is about making statistical inferences based on a large group of data and extracting patterns that nobody saw before.
Examining someone's address book, copying an email in the Outbox, and inserting junk in the middle of that is no more than low tech vandalism.

Re:who is buying-when no one is selling

[Anonymous Coward]

It's being used to disable the Bayesian-style filters that tend to work on keywords. Basically the idea is to flood the filter with a lot of junk messages that give false positives, thus making the filters less effective as the user attempts to tag all these junk messages as spam.

Re:Spam Zombie?

[Kelson]

What does this exactly entail? Does the computer first have to be compromised? Spyware/spamware installed through a backdoor? I've lightly read through the paper and it does mention that some sort of malware may be present on the victim's machine.

Yes. This has been standard operating procedure for many spammers for about two years now. Virus, worm, and spyware authors set up backdoors through which compromised computers can be loaded with spam-sending software. Then they sell access to these botnets on the black market. Spammers use software designed to blast out commands to dozens or hundreds of bots sitting in homes, businesses and elsewhere, which then spew their virtual sludge across the internet.

The hardcore spammers effectively have infinite processing power and bandwidth, since they can distribute the load across a botnet, and when the same spam run is coming a few messages at a time from hundreds of IP addresses, it's a lot harder to blacklist by IP. That's why many ISPs have started filtering outgoing SMTP traffic, and why blacklists have cropped up that just block any incoming mail from dynamic IP space.

Re:How to kill a zombie

[Anonymous Coward]

I love how a post that consists entirely of a joke referring to the horror movie genre is moderated Informative -- twice -- rather than something more accurate like, I don't know, FUNNY?

Gotta love slashdot.