Becoming Slaves to Spam
First off, an apology to those of you who may feel I've harped on viruses and spam too much in recent months. If you're mightily sick of the subjects, I can't blame you. The problem is that life on the Internet is getting tougher because of these two scourges -- little strings of code that cause havoc on your computer and the network, and junk e-mails that clog up your inbox and mail servers -- and it's not about to get any easier. That's because, according to some experts, spammers and virus writers are joining forces to exploit us. And they may be using your computer to do it. I call it the Spiral (Spam/Viral? Get it?) of Evil.
It's like this. Before, virus writers were annoying little people with too much computer code in their heads and too much time on their hands. Sure, they wanted to be loved like everyone else, but the way they went about it was to write viruses, worms, Trojans (all pretty much the same thing) and unleash them onto the Net. Dumb, yes. Annoying, yes. But no ulterior motive other than the joy of watching their creation succeed in wreaking havoc.
Elsewhere, you had spammers. Also annoying little people with very specific goals: To make money by peddling junk e-mail. Then there was the problem that as folk wised up, spam got harder to sell. End users stopped reading it, let alone buying any of the dodgy products on offer; companies sprang up with ways of filtering out spam; Internet Service Providers got better at blocking it. The result: Spammers had to send a lot more spam to get the same returns.
Virus writers, meanwhile, were getting smarter. Viruses were no longer simple beasts, but complex, able to do lots of things at once: ransacking address books, hijacking computers, downloading extra programs, sending out hundreds of e-mails that looked as if they came from someone the recipient knew. Antivirus manufacturers were not able to keep up.
But here's the twist. Could it be that virus writers are no longer anarchists but subcontractors for spammers? Could it be that spammers -- under commercial pressure and unable to operate legally -- are hiring virus writers to do their dirty work for them? Could it be that the spam you receive is related to all the viruses you receive -- that they are part of the same Evil Spiral which has dragged the Internet to its knees in recent weeks? There are people who believe this, and they have good reason. Paul Wood, chief information-security analyst at MessageLabs, a U.S.-based Internet-security company, is one. "It's essentially an arms race between the spammers and anyone who wants to stop them," he says.
This is how it works: A virus -- Sobig, for example -- finds its way into your computer without your knowledge. Once there, it downloads a program called a wingate proxy server, a legitimate piece of code that turns your computer into a slave: The guy who wrote the virus can now effectively control your computer. Of course you don't know this, and even if you come back from holiday and, realizing that Sobig was on your computer, removed it, you still wouldn't. That's because most anti-virus programs won't consider the Wingate program a virus, and so will leave it alone. Meanwhile, Wingate will be firing off lots of virus-laden e-mails to everyone in your address book.
So far, all we've seen is a virus at work. A good one, but still just a virus. For you, it's just a nuisance. But it's what happens next that's worrying: The virus may start sending out spam. Not only that; your computer may start behaving like a spam Web site. (Spam is just junk mail; you still have to get interested members of the public into the store; in Internet terms that would mean a Web site, with pictures of the products on offer -- medication, pornographic material, or whatever.)
But now that spammers are under siege from the law, in some countries and states, they're not going to open up a legitimate store, or Web site, for fear of being hauled off to court. Instead, they use your hijacked computer as their shop window. So, spam sent from your computer may well be including Web site addresses that point back to your computer. Congratulations. You are now what they call an Open Proxy Server: a slave to spammers and virus writers.
You're not alone: It's a phenomenon that has appeared in the last few months, on the back of a huge increase in the number of home users with always-on broadband Internet connections. MessageLabs' Wood estimates 60%-70% of spam is now being sent by open proxy servers, three-quarters of them infected by viruses. Forty percent of those open proxies are home connections. "Last year it was impossible to say this phenomenon existed," says Wood. "Now spammers are using open proxies as their air supply."
Still, not being alone is not being safe. Do all the security measures I've suggested in past columns, and if you're in any doubt, hire someone to run a thorough check on your computer. If other members of your family use it, consider limiting their ability to download and install programs (something that Windows XP allows). The Spiral of Evil is not about to give up any time soon.
别成为垃圾邮件的奴隶
首先,我要为我在最近几个月对电脑病毒和垃圾邮件喋喋不休的谈论向读者致歉。如果你对这个话题感到厌倦,我不会怪你。问题在于,正是这两个祸端让互联网上的生活变得越来越复杂:一串串编码让你的电脑和网络混乱不堪,而垃圾邮件更是阻塞了你的邮箱和伺服器。一些专家认为,垃圾邮件发送者和电脑病毒编写者正联合起来对付我们,而且他们也许正在利用你的电脑进行这些勾当。我称之为“邪恶的垃圾病毒”。
事情是这样的。过去编写病毒的通常是些头脑中满是电脑编码,手头又有大把时间的讨厌的家伙。不错,他们希望像常人一样得到关爱,但他们采用编写病毒,并在网上四处散播的形式来引人注目。当然是愚不可及而令人烦恼。但他们的最终目的无非是看著自己造成的混乱而幸灾乐祸。
还有垃圾邮件发送者。他们干扰常人的目的也很明确:通过兜售垃圾邮件来赚钱。可是,随著人们越变越聪明,叫卖这些邮件变得越来越难了。收件人根本不会阅读这些邮件,更别提购买上面推销的古怪产品了。企业则想出各种办法来过滤垃圾邮件。网络服务商们滤除垃圾邮件更是高招迭出。结果垃圾邮件发送者必须采取狂轰滥炸式的做法,才能获得与原先相同的效果。
与此同时,病毒编写者们也变得越来越聪明了。病毒没那么简单了,而是很复杂,一次能做很多事:破坏通讯地址和电脑、下载多余的程序,发送上百封让收件人以为来自某个熟人的电子邮件。杀毒软件生产商们实在跟不上病毒前进的步伐。
这里有个问题。病毒编写者们是否不再是一盘散沙,而是垃圾邮件的分包商?垃圾邮件发送者们在商业利益的驱动下,是否雇佣了病毒编写者来完成自己那肮脏的勾当?而你收到的垃圾邮件与所收到的病毒是否存在关联?它们是否同属于最近让互联网陷于瘫痪的“邪恶的垃圾病毒”?有人这么认为,而且理由充分。美国互联网安全公司Message Labs的首席信息安全分析师保罗?伍德(Paul Wood)就是其中之一。他说:“这是垃圾邮件发送者与想要阻止他们的人之间的较量。”
垃圾病毒的工作原理是这样的。举例来说,假设“巨无霸”(Sobig)病毒入侵了你的电脑,而你却毫无知觉。一旦入侵成功,它就开始下载名叫wingate代理伺服器的程序,这是一个合法的软件,但却能让你的电脑变成奴隶:编写“巨无霸”病毒的人现在就能有效地控制你的电脑了。当然,你对此一无所知。即使当你度假归来,发现“巨无霸”进入了自己的电脑,并加以删除,还是无济于事。原因是大多数杀毒软件不会认为wingate是病毒,因此不会删除它。与此同时,wingate软件会向你通讯录中的所有人发送大量带有病毒的邮件。
到目前为止,我们看到的是病毒。虽然它的破坏性很强,但它只是病毒。在你眼中,它只不过是令人讨厌的东西。但接下来发生的事可真让人忧心忡忡了:病毒也许会发送垃圾邮件。不仅如此,你的电脑也许会变成一个发送垃圾邮件的网站。
但现在,垃圾邮件发送者正受到法律的围攻。在某些国家和地区,他们不敢建立这样的网站,担心被送上法庭。于是,他们“劫持”你的电脑作为展示窗口。因此,从你的电脑中发出的垃圾邮件也许包括指向你的电脑的网址。可喜可贺--你现在成了所谓的公开代理侍服器(Open Proxy Server),变成了垃圾邮件发送者和病毒编写者的奴隶。
你可不是孤家寡人:这一现象已经存在好几个月了,表面看来,一直在宽频网络上的家庭用户数量突然激增。MessageLab的伍德估计,目前60%至70%的垃圾邮件是通过公开代理侍服器发送的,而其中的四分之三已被病毒感染。他说:“去年这种现象还根本不存在。但如今,垃圾邮件发送者正利用公开代理侍服器作为自己的供给。”
虽然这并非个别现象,但不意味著你就安全了。按照我在上几期里的建议,去做好所有的安全防范工作吧。如果你还存在任何疑问,请人对你的电脑进行彻底检查。如果你的家人要用电脑,考虑限制他们下载和安装软件的权限。“邪恶的垃圾病毒”在短时间内是不会善罢甘休的。
