Sophos

18 June 2007 09:03 GMT

The little spammer that couldn't

I guess we all make mistakes from time to time, and it really does pay to check your work. It might save you from embarrassing little errors like, say, spamming out your ratware (spamming software) config file, complete with login credentials, instead of the spam message.

We started receiving this campaign over the weekend. It still seems to be running at least 24 hours later. Don’t you hate that ‘set and forget’ button!

Here’s a snippet of the body (the config file):


debug_unk_user = false
num_dns_tries = 6
slow_start_count = 8000
user_agent_in_alt_position = true
debug_to_console = false
#use_helo_isphost = true
proxy_account_per_email = false
filter_hosts = true
#defer_filtered = true
.
.
.

While it’s fun to gently poke fun at the spammer’s mistake, situations such as this are not as uncommon as you might think. Receiving such information is useful, in that it gives us insight into the complexity of the ratware and the methods used. And that allows us to better protect you.

Neil, SophosLabs AU