Large-scale German spam attacks
Large-scale e-mail flooding by German right-wing, political spam has been causing headaches for computer users and system administrators worldwide over the past few days. The messages contain xenophobic, anti-immigration propaganda as well as links to German-language, xenophobic websites. The flood began early last Thursday morning and is believed to have been designed to coincide with the European Union elections held last week.
Remotely controlled computers infected by the recent W32/Sober.G@mm virus have been used to send these e-mails to millions of computer users worldwide. This is the first time virus-infected "zombie" computers have been used to spread politically motivated spam on such a large scale. It is believed that the spammers may have worked hand in hand with the writers of W32/Sober.G@mm in order to take control of compromised machines and to create lists of e-mail addresses harvested from their hard-drives, resulting in this unprecedented spam attack.
A "zombie" is a computer that has been hijacked after a virus infection has compromised its security and that is used to send large quantities of spam without the computer's legitimate owner being aware of it. These computers are controlled remotely and, as a result, the origin of the spam is far harder for authorities to trace. Also, in this case the spammers do not appear to have had a financial incentive and are therefore not leaving a money trail by which they could otherwise be traced.
It is clear that if working with virus writers to spread propaganda via millions of unwarranted e-mail messages becomes a trend of extreme political activism then companies will need to rely increasingly heavily on antivirus and antispam e-mail filtering services in order to maintain active and efficient e-mail systems. The alternative? To put up with increasingly slow connection speeds and seriously overstuffed inboxes.
For more information on protecting your company's network against viruses and spam, please see our F-Prot AVES information page.