Davis McCarn
Posted February 2, 2007

I will probably never know if I made the wrong person mad or the guys just decided they liked my domain names; but the methods being employed are themselves devious enough...

In December, I read about a highly successful Russian group that had created botnet clusters of 500 systems each and that they had an estimated 100 of these clusters spread around the globe (50,000 systems!). Each cluster was handed a given spam, a list to send it to, and the result was an almost doubling of spam worldwide.

About two weeks ago, I began receiving thousands of the same spam (with a twist I'll get to in a minute) and hundreds of out-of-office replies or undeliverables. Examining the spam disclosed that they had come from hundreds of different computers, so trying to report the abuse to a gazillion ISPs seemed like a fruitless effort to me.

Here is the twist. Even though the body of the E-Mail was identical, the link it contained to purchase was different, with over a hundred different domains so far. Getting the WHOIS info for those domains revealed they were registered to the same guy! So, the scheme is to register hundreds of domains, create the spam with the domain as another plug-in variable, and then utilize a botnet to distribute them.

The first guy was in London, and reports to the FBI, the UK government, and Registerfly (his registrar) seem to have hurt his business. The one that just started today is a guy in Florida.

If you have any comments on what I have outlined, I would love to hear them. Do you think it was Registerfly that clobbered the first guy, the FBI, or the UK?
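Added example, not part of the original post: a small Python sketch of how a mail administrator could group the pattern described above, where the body is identical and only the linked domain varies, into one campaign instead of handling each sender separately. The sample messages, IP addresses, `.example` domains, the registrant table (a stand-in for WHOIS lookups) and the function names are all constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict

URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)[^\s]*", re.IGNORECASE)

# Constructed sample data: (sending IP, message body). Domains use the
# reserved .example TLD; IPs come from documentation ranges.
SAMPLES = [
    ("192.0.2.10", "Cheap meds today!\nOrder at http://pills-one.example/buy now."),
    ("198.51.100.7", "Cheap meds today!\nOrder at http://pills-two.example/buy now."),
    ("203.0.113.44", "Cheap  meds today!\nOrder at http://pills-three.example/buy now."),
    ("192.0.2.99", "Quarterly report attached, see http://intranet.example/q4"),
]
# Constructed stand-in for WHOIS results (hypothetical registrant labels).
REGISTRANTS = {
    "pills-one.example": "registrant-A",
    "pills-two.example": "registrant-A",
    "pills-three.example": "registrant-A",
    "intranet.example": "registrant-B",
}

def template_key(body):
    """Hash the body with every link replaced by a fixed token, so messages
    that differ only in the advertised domain collapse to one key."""
    stripped = URL_RE.sub("<URL>", body)
    normalized = " ".join(stripped.lower().split())
    return hashlib.sha256(normalized.encode("utf-8")).hexdigest()

def cluster_campaigns(samples, registrants, min_domains=2):
    """Group messages by template; report clusters whose links span several domains."""
    clusters = defaultdict(lambda: {"domains": set(), "senders": set()})
    for sender_ip, body in samples:
        entry = clusters[template_key(body)]
        entry["senders"].add(sender_ip)
        entry["domains"].update(h.lower().rstrip(".") for h in URL_RE.findall(body))
    report = []
    for key, entry in clusters.items():
        if len(entry["domains"]) >= min_domains:
            owners = {registrants.get(d, "unknown") for d in entry["domains"]}
            report.append({"template": key[:12],
                           "senders": sorted(entry["senders"]),
                           "domains": sorted(entry["domains"]),
                           "registrants": sorted(owners)})
    return report

if __name__ == "__main__":
    for campaign in cluster_campaigns(SAMPLES, REGISTRANTS):
        print(campaign)
```

A cluster with many senders, many domains and a single registrant is the shape the post describes, and it points the abuse report at the registrar rather than at each sending ISP.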