WarXchild says:

Spammers are mining peer-to-peer (P2P) networks for addresses, and finding it lucrative work, a security expert said Tuesday.
According to Eran Reshef, the chief executive and co-founder of Blue Security, sophisticated and smart spammers are harvesting e-mail addresses from systems linked to P2P networks via such software as eDonkey 2000 and Gnutella.
"They’re going into P2P networks and harvesting addresses accidentally shared, then spamming every address they find," said Reshef.
P2P harvesting is very different from the better-known directory harvest attack (DHA), which is when spammers flood mail servers with thousands of address variations, hoping to get a response when a valid address is queried. P2P harvesting relies on novice file-sharing users who mistakenly set their software to share more than just one or two directories on their PC.
"All it takes is one person you know, who you’ve sent an e-mail address," said Reshef. "This friend of yours has your e-mail address somewhere in his files, likely in his Outlook .pst file. He doesn’t know P2P, and rather than share just some songs, sets the file-sharing software to share his entire hard drive, including his Outlook .pst file for spammers to find and see."
All a spammer has to do, added Reshef, is connect to a file-sharing network and then search for strings such as "email" or "e-mail" or "Outlook.pst."
That’s exactly what Blue Security, which has yet to launch its first service, a "do-not-disturb" anti-spam and anti-spyware list, did. To scout out the scope of the P2P harvesting problem, Blue Security set up 500 virgin e-mail accounts, listed those addresses in several files on a PC connected to the eDonkey 2000 and Gnutella file-sharing networks, and shared the directories the files were in.
Within a day, those new addresses received more than 100 pieces of spam. Within three days, the number had jumped to over 300 spams. Even two weeks later, those addresses were collecting more than 100 messages per day.
"Addresses found in a P2P harvest are likely to be spammed for a long time as the addresses are harvested and re-harvested by new spammers," said Reshef. "They’re likely to stay on the network and simply circulate."
More & Source: http://www.techweb.com/wire/security/160902721
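
The exposure described in the article comes from sharing folders that hold mail stores or files listing addresses. The following is an added example, not part of the article or of Blue Security's tooling: a local audit a user could run over a folder before sharing it. The extension list, the 1 MB read limit and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumed list of mail-store and address-book extensions; extend for your clients.
MAIL_STORE_EXTS = {".pst", ".ost", ".pab", ".wab", ".dbx", ".mbox"}
EMAIL_RE = re.compile(rb"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)*\.[A-Za-z]{2,}")
MAX_SCAN_BYTES = 1_000_000  # assumption: only the first 1 MB of each file is read


def audit_shared_dir(root):
    """Return sorted (relative_path, reason) findings for files that expose addresses."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if os.path.splitext(name)[1].lower() in MAIL_STORE_EXTS:
                findings.append((rel, "mail store"))  # flag by type, do not parse
                continue
            try:
                with open(path, "rb") as fh:
                    data = fh.read(MAX_SCAN_BYTES)
            except OSError:
                findings.append((rel, "unreadable"))  # cannot rule it out
                continue
            count = len(set(EMAIL_RE.findall(data)))  # unique address-like strings
            if count:
                findings.append((rel, f"{count} address(es)"))
    return sorted(findings)


def demo():
    """Build a constructed share tree (sample data, not real files) and audit it."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "Music"))
        os.makedirs(os.path.join(root, "Mail"))
        samples = {
            "Music/track01.mp3": b"\x00\x01 constructed audio bytes",
            "Mail/Outlook.pst": b"constructed placeholder, not a real PST",
            "contacts.txt": b"alice@example.com\nbob@example.org\nalice@example.com\n",
        }
        for rel, content in samples.items():
            with open(os.path.join(root, *rel.split("/")), "wb") as fh:
                fh.write(content)
        return audit_shared_dir(root)


if __name__ == "__main__":
    for rel, reason in demo():
        print(f"{rel}: {reason}")
```

An empty result means nothing in the folder matched; any finding is a reason to narrow the share to the intended subfolder.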