Friday, October 28, 2005
Microsoft targets 'zombie' spam network
Effort includes a new legal tactic
Microsoft Corp. says it is pursuing the people behind a "zombie" e-mail spam network that it traced through an unusual method -- purposely infecting a computer with malicious code. The effort includes a lawsuit in which Microsoft takes a new legal tack in the fight against zombie operators.
Zombie networks consist of computers that are hijacked -- in many cases through vulnerabilities in Microsoft Windows and other programs -- and used to send large volumes of e-mail spam, frequently without the knowledge of the computers' owners.
Microsoft said it found a computer user whose machine had been turned into a zombie and put the associated code on a test machine, to see what happened. Once on the Internet, the company says, the infected machine received 5 million connections from spam operations using the network, causing the computer to attempt to send more than 18 million spam messages during a 20-day period.
"This was a pretty astonishing number for us," said Tim Cranton, Microsoft's director of Internet Safety Enforcement Programs. "We knew that it would be a high volume, but this was an even greater volume of spam than we had anticipated passing through one computer."
The computer was quarantined to prevent it from actually sending the messages, but Microsoft used the information it gleaned about the zombie network to file suit in King County Superior Court in August against a series of anonymous defendants.
The company expects to be able to use the legal process to identify and pursue about a dozen spam operations that it believes used the zombie network that its test computer joined.
The company also hopes to use the suit to identify the people who created the zombie network, Cranton said. Beyond the company's civil action, it hopes to turn over information to authorities for potential criminal prosecution. Microsoft also may repeat the experiment in the future to try to identify additional zombie operations.
Microsoft announced the lawsuit in Washington, D.C., in conjunction with an effort by the Federal Trade Commission and the group Consumer Action to raise the awareness of zombie networks, and ways of preventing computers from being susceptible to them.
The rising use of persistent broadband connections translates into more targets for people looking to assemble zombie networks, said Laura Yecies, general manager of the consumer division at the Internet security company Zone Labs.
The company sees a large amount of spam coming from zombie networks, said Jon Orbeton, a Zone Labs technical product manager. The people who assemble zombie networks are able to turn around and sell access to the hijacked computers for large sums.
"It's lucrative," Orbeton said. "Anything that's lucrative in that way tends to expand and become more refined and more sophisticated as time goes on."
Microsoft has filed more than 100 lawsuits against alleged spam operations, but previous cases have focused on deceptive practices in the e-mails themselves, such as falsification of origin.
The latest suit goes further by focusing on a major source of the problem, the illicit hijacking of the computers used to send the spam e-mails. The suit cites industry research showing that 50 percent to 80 percent of spam is sent through zombie networks.
Microsoft's legal actions represent a drop in the bucket compared with the overall volume of spam, but they are part of a broader effort by the company and others to discourage spammers and make the practice less profitable.
Tips on stopping your PC from joining a zombie network:
More info: onguardonline.gov
Sources: Microsoft Corp., FTC
P-I reporter Todd Bishop can be reached at 206-448-8221 or toddbishop@seattlepi.com.
©1996-2008 Seattle Post-Intelligencer
