Browser hijack, spam and e-mail problems – update

Posted on by Gilbert Van Kerckhove

China Netcom: finally real progress
In Beijing China Netcom has gone through some serious improvements in its Internet network.
I waited about two weeks to sum up the verdicts to be on the safe side.
The browser hijack did not return so that would clearly indicate the infection was in the network and not in our PC and Mac. That’s at least a big relief.
E-mail download difficulties have basically disappeared too, though in the last week of September the Amcham-Sinofile mails got stuck again in the filter, for no apparent reason. The filter is getting smarter and seems to even filter web-based mails sent to other web-based e-mail addresses. Using the magic backdoor solved (and confirmed) the problem. Subsequent mails went through without any glitch. Weird. Some of the routers might still need some tuning. Our CISCO friends plead ignorance and allege the Chinese are the ones “using” the equipment. Oh well.
Speeds have really picked up. I notice downloads now often go at far over 120KB/s which is here a luxury.
Spam at the China Netcom addresses (“public” e-mail addresses) remains down at 10% levels. Real relief.
Internet security: being paranoid is recommended
Internet security becomes really scary and few people seem to realize the extent of the threat:
– a hacker paralyzed the domain name provider Xinnet (the no. 2 in China), causing the collapse of 600,000 Chinese websites including Shanghai Daily
– botnets: a partial quote from 26 September, SCMP:
Networks of compromised personal computers, called botnets, are becoming entrenched in China’s broadband internet infrastructure, affecting about one in five desktop systems in the country and threatening the security of the government, the financial services sector and other industries, according to a report.
Botnets are remotely controlled by hackers and criminal organisations to perform targeted denial-of-service attacks, spread viruses or mass-mailing worms, send spam and perform phishing scams.
These have also been employed to abuse online advertising programs, install keylogging software to steal usernames and passwords, and sniff data traffic to harvest other confidential information.
Anti-virus software vendor Symantec’s 10th Internet Security Threat Report, released today, said China had the largest number of “zombie” machines – about 20% of the worldwide total of 4.7 million – monitored in the first six months of this year.
China became the second-highest source, after the United States, of internet attacks across Asia and the rest of the world during the period. It accounted for 10% of the attacking internet protocol addresses tracked globally by Symantec.
Beijing was the city with the largest number of active bot computers, accounting for almost 3% worldwide in the first half. Other cities in Greater China ranked in the top 10 most bot-infested sites included Guangzhou, Hangzhou, Shanghai and Taipei.
Attackers use automated techniques to scan specific network ranges and identify vulnerable systems, such as a machine running pirated software with no security patches, to install their bot program. The infected machine then responds to commands, usually via an internet relay chat channel, from so-called “bot herders”- computers tasked to lead and co-ordinate attacks.
Symantec found bot programs made up 22% of the volume of the top 50 malicious codes reported in the first half, compared with 20% in the second half of last year.
Amid its plague of zombie computers, China has only the fourth-highest number of known bot command-and-control servers, Symantec said. The US has the largest number, with 42% of the world’s bot herders.
In the first half, China remained the world’s second-most common country of origin for spam – the junk or unsolicited e-mail that has now become a delivery system of bot herders for phishing attempts, viruses and other malicious programs – accounting for 13% of all spam worldwide, behind the US with 58%.
– SPAM: not enough is done
For me they should treat those hackers and spammers as criminals. Maybe in China they can simply shoot them. Just look at how damage they do and how ineffective the clampdown is. To find those spammers should not be that difficult. They even promote their services, I regularly get their proposals. Some of them are well known.
China fined a known spammer for the first time, a Shenzhen company – US$625, not exactly a killer. At least regulations came out and it is a beginning. Estimates: Chinese netizens receive 50 billion junk mails in a year. The Internet Society of china is to train 1,000 mail service administrators starting in September to fight against spam, according to China Daily on 22 August.
Australia is leading the way and is investigating an Australian accused of sending more than 2 billion mails promoting Viagra in one year, renting 35 servers in the Netherlands, whose authorities are cooperating. According to Australian law, Australians can be prosecuted even if they use servers based outside of the country. Now, that’s a good start. When will the USA and Europe follow?

Leave a Reply

Your email address will not be published. Required fields are marked *