spam - icir.org

If we control these …

… we can monitor & influence these

Types of Storm C&C Messages

•  Activation (report from bot to botmaster) •  Email address harvests •  Spamming instructions •  Delivery reports •  DDoS instructions •  FastFlux instructions •  HTTP proxy instructions •  Sniffed passwords report •  IFRAME injection/report

Spam campaign mechanics

HTTP proxies

Workers

Proxy bots

Botmaster

Campaign mechanics: harvest

HTTP proxies

Workers

Proxy bots

Botmaster

@ @ @ @

Campaign mechanics: spamming

HTTP proxies

Workers

Proxy bots

Botmaster

Campaign mechanics: spamming

HTTP proxies

Workers

Proxy bots

Botmaster

Campaign mechanics: reporting

HTTP proxies

Workers

Proxy bots

Botmaster

spam - icir.org

Documents

spam series

anti-spam spam manager user guide -...

spam filter

spam and anti spam techniques

new abuse report - afnic · google safe browsing domain...

casl vs can-spam - canada’s anti‐spam law

spam filters -...

clustering spam mit spam conference 2008 phil tom

spam, spam, spam, spam…

spam filters

spam excerpt

spam and anti-spam by aditi desai yousuf haider. agenda...

clustering spam

spam, spam and more...

introduction spam in society email spam im spam text spam...

doctor spam

fighting spam

hexamail guard anti-spam server spam filtering software -...

spam spam spam spam

the state of spam a monthly report – august 2007€¦ ·...