The little spammer that couldn’t

I guess we all make mistakes from time to time and it really does pay to check your work. It might save you from embarassing little errors, like say, spamming out your ratware (spamming software) config file, complete with login credentials, instead of the spam message.

We started receiving this campaign over the weekend. It still seems to be running at least 24 hours later. Don’t you hate that ’set and forget’ button!

Here’s a snippet of body (the config file):

debug_unk_user = false num_dns_tries = 6 slow_start_count = 8000 user_agent_in_alt_position = true debug_to_console = false #use_helo_isphost = true proxy_account_per_email = false filter_hosts = true #defer_filtered = true . . .

While its fun to gently poke fun at the spammers mistake, situations such as this are not as uncommon as you might think. Receiving such information is useful, in that it gives us insight into the complexity of the ratware and the methods used. And that allows us to better protect you.

Posted on June 18th, 2007 by Neil, SophosLabs AU
Filed under: General

Windows 7 security - A great leap forward or business as usual?

About SophosLabs

SophosLabs protects businesses from known and emerging malware - viruses, rootkits and spyware - and other computer threats like phishing, spam and scams. Learn more about the people who write this blog.

RSS feed

Hot video

International Kill-A-Zombie Day

SophosLabs blog