A Weblog About Topics and Issues Discussed in the Book Spam Kings by Brian McWilliams

« Smith violates pre-trial release | Main

October 27, 2005

Microsoft's decoy zombie

Microsoft said it has filed "John Doe" lawsuits against the operators of 13 spam organizations that use illegal "zombie" computers to send their spam. The company held a press conference today with officials from the Federal Trade Commission to announce the lawsuits, filed in Washington State's King Country court on August 17.

Microsoft tracked down the spam operations by intentionally infecting a PC with some malicious code known to turn unprotected computers into zombies. (Tim Cranton, director of Microsoft’s Internet Safety Enforcement programs, explained the process (mp3 audio) at the news conference in Washington, D.C. today.)

The company said that within 20 days, the PC received more than 5 million connections that resulted in requests to send 18 million spam e-mails. These requests contained advertisements for more than 13,000 unique domains. (Microsoft said it "cordoned off" its zombie to prevent it from actually sending out any spams.)

"Honey pot" or "spam trap" email accounts are often created by ISPs and law enforcement to keep tabs on spam operations. But Microsoft's decoy zombie will give it a new perspective on spammers.

Armed with the information gained from this zombie, Microsoft is going to use subpoenas and other discovery tools to find out who's behind the IP addresses used to send spamming requests to the quarantined zombie, along with the identities of the operators of the Web sites advertised in the spam.

If I'm reading the King County court docket correctly, one of those subpoenas has already gone out to cable-Internet provider Adelphia Communications.

Microsoft said it hopes to amend the lawsuits in the coming months to name the actual spammers who used its decoy zombie.

Posted by brian at October 27, 2005 10:34 AM

Trackback Pings

TrackBack URL for this entry:


Post a comment

Remember Me?


© 2004, O'Reilly Media, Inc.

All trademarks and registered trademarks appearing on wethemedia.oreilly.com are the property of their respective owners.