Permission to quote from or reproduce Spamhaus News articles is granted automatically providing you state the source as Spamhaus and link to the news record.
|
|
 |
2013-04-26 GMT |
The Spamhaus Project offers congratulations and its sincere thanks to the Dutch Public Prosecution Service (OM), the Dutch National High Tech Crime Unit (NHTCU) of the Dutch Police Services... (>) |
|
|
2013-04-16 GMT |
| A number of Internet users are reporting a fresh version of a ransomware virus circulated by cyber criminals which exploits the name and image of Spamhaus to trick computer users into paying fake fines using MoneyPak. Computer users should know that no... (>) |
|
|
2013-03-28 GMT |
At this time The Spamhaus Project is getting more press enquiries than we can personally respond to. Below is a list with the most frequently asked questions, along with our answers. If you are in need of any additional information please do not hesitate to contact us but we cannot guarantee a quick response. Our staff are... (>) |
|
|
2013-03-05 GMT |
Some months ago a number of bloggers wrote about The Spamhaus Project's "new" spamtraps. Some asserted that we were suddenly targeting transactional messages. Others noticed the timing of new SBLs based on those "new" traps and one concluded that we had decided to publish our advisories during the Christmas season, the time... (>) |
|
|
2013-01-19 GMT |
During the past few weeks, Spamhaus has worked hard to shut down a botnet called "Virut".
Virut take down
Virut is a worm that spreads through removable drives such as USB sticks and network shares, but it also has file infection capabilities it uses to spread itself. Virut was first... (>) |
|
|
2012-10-01 GMT |
Hosting providers are increasingly asking Spamhaus how they can prevent so-called "fraudulent sign-ups" -- new customers whose only intention is to spam, host malware, host botnet controllers, or engage in other activities that are forbidden by the hosting provider's acceptable use policy (AUP). Such customers normally... (>) |
|
|
2012-08-16 GMT |
In July 2012, FireEye in cooperation with other security organisations, such as Spamhaus, took down the Grum botnet. At that time Grum was the third largest... (>) |
|
|
2012-06-12 GMT |
Geneva, 12 June 2012
Today the Spamhaus Project announces the release of a new service -- the Spamhaus BGP feed (BGPf). The BGPf serves three Spamhaus lists by using the Border Gateway Protocol (BGP). It is intended to be used primarily by Internet Service Providers (ISPs), web hosting providers, and network... (>) |
|
|
2012-06-06 GMT |
| On 6 June 2012 many major internet service providers (ISPs), home networking equipment manufacturers, and web companies around the world are uniting to redefine the global Internet and permanently enable IPv6 for their products and... (>) |
|
|
2012-05-09 GMT |
| Any account on a legitimate mail server is a valuable resource to a spammer or cybercriminal because it gives access to a server that is unlikely to be blocked from sending email. A spammer can use an account on a legitimate mail server to spam, and reach many more people than if he sent email from an IP that does not host a... (>) |
|
|
2012-05-03 GMT |
Long time ROKSO-listed spammer Brian "Dr. HGH" McDaid is finally going to pay for his crimes.
This week, in a Philadelphia court, US federal court Judge... (>) |
|
|
2012-03-22 GMT |
| In November 2011, new terms and conditions (T&C's) for registering .ru domains were put out by the Coordination Center for the Top Level Domain RU (cctld.ru). The following paragraphs of the new T&C are important to Spamhaus' mission to fight against spam and... (>) |
|
|
2011-12-23 GMT |
| Spamhaus has observed a newer type of distributed denial-of-service attack (DDoS) which has only recently become popular among cybercriminals. In just the past month, several attacks using this method have been investigated by private security firms and law enforcement agencies. During December 2011, Spamhaus sustained an SNMP... (>) |
|
|
2011-11-15 GMT |
| After the November 9, 2011 successful law-enforcement dismantling of a huge cybercrime network in an operation dubbed 'Ghost Click', questions were raised as to what Internet Service Providers (ISPs) could have been doing to protect their users, and the internet, from this... (>) |
|
|
2011-11-09 GMT |
| On November 9, 2011 the FBI announced the successful dismantling of a huge cybercrime network in an operation dubbed 'Ghost Click'. The target of this joint US and Estonian law enforcement operation is the ROKSO listed gang Rove... (>) |
|
|
2011-11-01 GMT |
| This week sees the arrival of LondonCyber, a conference organised by the British Government's Foreign Office and reported to have been so thoroughly stage-managed that the media have been carefully kettled away in a special media centre to ensure they are not allowed to directly interact with any of the attendees.
While many... (>) |
|
|
2011-10-14 GMT |
| If The Netherlands has penalties for filing false reports and wasting police time, Dutch ISP 'A2B Internet' will be looking at a hefty fine. The owner of the small Dutch transit ISP claimed on Tuesday 11 Oct to have filed a report with local police in the Dutch region of Zaanstreek-Waterland accusing Spamhaus of "extortion" and... (>) |
|
|
2011-10-03 GMT |
| If one admonishes for poor practice, one should encourage better practice.
On Friday we wrote about an email sent by the UK tax office the formatting of which was ill advised (see (>) |
|
|
2011-09-30 GMT |
| Phishing. Broadly speaking, sending out emails which misdirect people to supply confidential information to miscreants. One such ruse in the UK has been to send out tax rebate emails purporting to come from the UK tax office, .
So on Friday, in a stroke of genius,... (>) |
|
|
2011-09-05 GMT |
| On the 2nd September 2011 Spamhaus was successful in its final appeal which reduced a baseless $11.7 million default judgment down to $3 (three dollars). Twice before, the US Court of Appeals for the Seventh Circuit had vacated judgments made by an Illinois District Court which had twice awarded fabricated 'lost profits' to an... (>) |
|
|
2011-06-10 GMT |
All too frequently electronic security breaches result from some form of social engineering trick which entices a user to visit a harmful website by providing a clickable link (URL) with a specially-registered domain which ultimately leads to the user being defrauded or their machine being infected with malware.
Once... (>) |
|
|
2011-06-06 GMT |
| The Spamhaus Project has released a document outlining Spamhaus' strategy with respect to Spamhaus' IP blocklists and their future in an IPv6 enabled world. Entitled "Spamhaus IPv6 Blocklists Strategy Statement", the document focuses exclusively on IPv6 DNS-based blocklists and gives technical details of how Spamhaus plans to... (>) |
|
|
2011-03-03 GMT |
| 5 March 2011: One year ago this week, The Spamhaus Project released a new spam-blocking advisory list for the world's internet users. Its focus was on the domain side of email filtering. Called the Domain Block List, the DBL has now been in worldwide use for a full year. The reported... (>) |
|
|
2010-12-14 GMT |
| On Monday Spamhaus became aware that the main Wikileaks website, wikileaks.org, was redirecting web traffic to a 3rd party mirror site, mirror.wikileaks.info. This new web site is hosted in a very dangerous "neighborhood", Webalta's 92.241.160.0/19 IP address space, a "blackhat" network which Spamhaus believes caters primarily... (>) |
|
|
2010-11-29 GMT |
| Spamhaus.org has been a frequent target of forged e-mails over the years and once again we're seeing a rise in those sorts of spam messages. This time email messages pretending to come from Spamhaus are a social engineering attempt ("phish") to lure victims into installing malware on their computers. Don't fall for... (>) |
|
|
2010-10-18 GMT |
| When it became clear that the UK's National Security Strategy (published today) would highlight "Cybersecurity" as one of the most serious threats to the United Kingdom's security, the media were most querulous. Even some of the more experienced journalists seemed to pour immediate scorn on the suggestion that... (>) |
|
|
2010-09-26 GMT |
| The Spamhaus Project has released a whitelist called the Spamhaus Whitelist. Long awaited in the industry, the Spamhaus Whitelist allows internet mail servers to separate incoming email traffic into 3 categories: Good, Bad and Unknown, allowing mail server operators to block known bad email traffic, let known good email traffic... (>) |
|
|
2010-08-20 GMT |
| "Spamhaus Blocks Gmail" - A catchy headline which certainly got the twitterati going. However, it wasn't true.
Recently some IT websites, including Softpedia and Sucuri, erroneously issued reports of Spamhaus' SBL blocking Gmail. These reports are not true. Google's Gmail service has never been listed in, or... (>) |
|
|
2010-03-04 GMT |
| Leaving a wake of over 12 years of criminal spamming and trillions of sent junk emails behind him, long time ROKSO-listed spammer Alan Ralsky is finally behind the walls of a US Federal Prison.
After pleading guilty to multiple federal criminal charges, and after time extensions to "get his affairs in order", Ralsky reported... (>) |
|
|
2010-03-01 GMT |
| 1 March 2010: The Spamhaus Project is proud to release its newest spam-blocking advisory list to the world's internet users, this time focused on the domain side of email filtering. Called simply the Domain Block List, the DBL has been in beta testing for much of 2009 on production ISPs... (>) |
|
|
2010-02-03 GMT |
| The idea of "opt in" is central to the legitimate, non-spam use of bulk e-mail. Without "opt in" policies, any and all e-mail addresses will be spammed relentlessly until they "opt out", and likely even after that. "Opt in" means that the recipient--the e-mail address owner--knowingly and intentionally subscribes to a specific... (>) |
|
|
2010-01-15 GMT |
| Unfortunatly for Renukanth Subramaniam, the "loner with a modest lifestyle" who helped run the secretive website where cybercriminals traded stolen credit card data, his friends will probably be fellow inmates in a Her Majesty's Prison Service institution.
Subramaniam was remanded into custody in London after earlier... (>) |
|
|
2009-12-17 GMT |
| China Internet Network Information Center (CNNIC) - China's own domain regulator - last week criticised Xinnet.com and some other Chinese registrars for the excessive inaccuracy in registration information (called "Whois" data).
From this week, buyers of ".cn" Country Code Top Level Domains (ccTLDs) are... (>) |
|
|
2009-12-07 GMT |
| In October, Comcast Corporation, the USA's largest provider of high-speed Internet to private homes, announced the roll-out of its new Constant Guard security initiative. The system will provide in-browser notifications about possible virus infections. If the system detects a possible problem, a "service notice" will appear... (>) |
|
|
2009-12-03 GMT |
| On the two-month anniversary of our announcement of the Spamhaus CSS, we thought it's time to take a look at its effect against this type of spamming. As we had mentioned, while filtering methods for botnet spam are now quite effective, a new breed of static-IP address spammers had evolved, and their spam was evading many... (>) |
|
|
2009-11-30 GMT |
The Herbalking aftermath continues with a US federal judge ordering ringleader Lance Atkinson to pay the US Federal Trade Commission (FTC) a hefty US$15.5 million (£9.4 million). After already admitting his involvement to the New Zealand authorities last year now the FTC steps in with its findings:
The spam... (>) |
|
|
2009-11-20 GMT |
| Two New Zealanders well known to Spamhaus have been fined for their roles in the biggest pharmaceutical spamming operation in the history of the internet, officials of the nation's Department of Internal Affairs (DIA) said on Monday.
They were part of a business based in Christchurch that sent more than two million... (>) |
|
|
2009-10-03 GMT |
While filtering methods for botnet spam are now quite effective, a new breed of static-IP address spammers has evolved, and their spam evades many filters. It is time to target the next great spam problem, "snowshoe" spam.
The Problem of... (>) |
|
|
2009-06-16 GMT |
There is nothing like a visual representation to show how botnet spam traffic dries up when a major eastern European run host (in this case, USA routed) of the botnet Command & Control systems (C&C) is shut down. Below is a report from the CBL botnet spam detection system on the effect of a recent shut down.
These... (>) |
|
|
2009-05-30 GMT |
| During the last week of May, 2009, some senders experienced mail rejected by yahoo.com which referenced Spamhaus PBL data. But when they looked up their IP address, it was not in any Spamhaus list. The error was not consistent, and sometimes resubmitting a message might result in its delivery. Yahoo! is aware of the problem and... (>) |
|
|
2009-05-19 GMT |
| Last month we mentioned upcoming changes to ISP's PBL Account pages. We're pleased to announce that the first phase of those improvements is now up and running. While not visible to the public, an ISP logging in to their PBL Account will immediately see the upgrades.
The new ISP PBL Account pages:
|
|
|
2009-04-13 GMT |
| We'd like to show you what some typical broadband space looks like in terms of spam-sending bots and Policy Block List (PBL) listings. Let's sample a few chunks of IPv4 space, count the spam bots, and map them graphically to visualize what those ranges look like. These are just examples, conveniently chosen based on our... (>) |
|
|
2009-02-25 GMT |
| Snowshoe spamming has been around for many years but during 2008 a few USA spammers honed the technique to a fine edge. It has grown rapidly for the past year and there is no indication that it will cease in the foreseeable future. As of February 2009, snowshoe spamming accounts for... (>) |
|
|
2008-11-17 GMT |
| Following the October 2008 shut down of the largest US based host of trojan malware, botnet command and control systems (C&Cs) and DNS changer hosts (pharming), Intercage/Atrivo, another US based network specializing in hosting similar cybercrime has been taken off the Internet.
McColo is a bit different from... (>) |
|
|
2008-10-15 GMT |
| A person well known to Spamhaus, Judy Devenow, one of long time spamming kingpin and convicted felon Alan Ralsky's gang, plead guilty to conspiracy and aiding fraud in a US Federal court. She admitted she had sent millions of spam e-mails a day to generate excitement about junk stocks while working for Ralsky who... (>) |
|
|
2008-10-14 GMT |
| The #1 worst spam gang on the Internet for much of 2007 and 2008, and active since at least 2005, has been indicted by the US Federal Trade Commission (FTC) in conjunction with simultaneous charges in New Zealand and possibly Australia & India. Several co-conspirators formed the... (>) |
|
|
2008-09-16 GMT |
| Or "Frea Speach," as spammers write with their notoriously bad spelling while yammering about their right to send spam. There is no right to send spam, of course, let alone anonymously. Almost a decade ago, in their decisions in AOL vs. Cyberpromo and Earthlink vs. Cyberpromo, U.S. courts of appeal ruled that spam is theft of... (>) |
|
|
2008-08-29 GMT |
| When cybercrime is mentioned it never takes long for Russia and the Ukraine to enter the picture. However, while a lot of cybercriminals are based in those countries, a lot of their infrastructure is housed in the west, in the United States to be precise.
Without exception, all of the major security organizations on the... (>) |
|
|
2008-08-11 GMT |
| Closed Loop Confirmed Opt In is the full technical term for the best opt-in subscription practice around. But whether you call it Confirmed, Verified, Double or any other adjective it still means the same thing: "Hey you! Subscriber! Is this really you who signed up for this list? Unless you respond, we won't send you more... (>) |
|
|
2008-07-25 GMT |
| There is lots of spam going around with funny subjects like "Mike Tyson to Fight Michael Jackson" or "Afghanistan to be 51st US State", or other equally absurd lines designed to hook unwary recipients into clicking the URL in the spam. Unfortunately, the results of following that link are not at all funny. The victim's computer... (>) |
|
|
2008-06-27 GMT |
| A lot of people are using our SBL and XBL lists to guard their mail infrastructure against the incoming floods of spam. While we encourage all SBL-XBL users to switch to ZEN to check the connecting IP, the SBL-XBL combination still has a very powerful, but lesser-known application area: use it against spamvertized URLs in the... (>) |
|
|
2008-03-16 GMT |
| There's been a lot of use of the term "ecosystem" in the e-mail industry lately. It's a good description of the complex environment that has grown up around Simple Mail Transport Protocol; it's no longer simple. But, like any ecosystem, it has many subsystems and niches within it. Among spammers in general, the... (>) |
|
|
2008-02-15 GMT |
| (From a discussion in a private anti-abuse industry workgroup list in November 2007 regarding the need for extensive restructuring of e-mail systems due to spam; reproduced with permission...)
Someone Else... (>) |
|
|
2008-01-29 GMT |
| One year ago this month, Spamhaus launched the Policy Block List, also known as the PBL. Now a year later we look back to see what effect it has had.
The PBL was created to be used together with our other DNSBL zones, the SBL and... (>) |
|
|
2008-01-11 GMT |
| As reported by the Detroit Free Press on January 9, 2008, spammer Alan Ralsky of West Bloomfield, Michigan was brought into U.S. District Court in Detroit in handcuffs, escorted by FBI and US Postal Inspection Service agents who met him at the Detroit Metro Airport upon his return from Germany.
Spamhaus was pleased... (>) |
|
|
2008-01-03 GMT |
| The US Department of Justice went public on January 3rd with the indictment of Alan Ralsky and 10 others who helped him. Ralsky topped our Top 10 Worst Spammers list for quite some... (>) |
|
|
2008-01-01 GMT |
| Anyone remotely involved in the fight against spam has heard of the Storm worm. While Storm has used a variety of social engineering tricks to propagate, the e-card method has always been a popular one. What better a moment to send an e-card than in this holiday season? That's probably why the... (>) |
|
|
2007-11-16 GMT |
| When the routes to the older IP address mapped to the Russian Business network began to no longer route on the internet, Spamhaus noticed a new set of IP addresses and ASN numbers mapping into the same upstream network. The Whois data for these showed Chinese company names and .cn/.tw email addresses.
... (>) |
|
|
2007-05-30 GMT |
| On May 30, 2007, one of the most persistent professional spammers, Robert Alan Soloway, was indicted by a grand jury in Seattle, Washington, on charges that include fraud, money laundering, and
identity theft. The indictment followed a years-long joint
investigation by the Washington State Attorney General's Office,... (>) |
|
|
2006-09-08 GMT |
| Microsoft Corporation has won what could be the largest award against a spammer in Europe thus far. Paul Fox, whose e-mail messages were intended to direct people toward his pornographic websites, was forced by a court order to pay Microsoft 45,000 pounds ($84,177) for breaching the terms and conditions of Microsoft's free... (>) |
|
|
2005-06-23 GMT |
| The Australian Communications Authority (ACA) has taken action against a spammer in the first case to be brought under Australia's Spam Act.
Spammer Wayne Mansfield, listed in Spamhaus ROKSO database, is charged with sending at least 56 million commercial emails in twelve months after the Spam Act 2003 commenced in April... (>) |
|
|
2005-04-27 GMT |
| During two keynote speeches at the Infosecurity Europe conference at Olympia (London UK), Lord Harris of Haringey warned the UK government of the serious threat to Critical National Infrastructure posed by groups of E-vandals and criminal gangs, and the fact that the UK has neither systematic protection nor a response strategy... (>) |
|
|
2005-02-03 GMT |
| Spam, now at 75% of all email traffic arriving at most ISPs mail servers, has come mainly from two types of source - either sent directly by the spammer, or sent by the spammer through a hijacked computer (proxy). For most anti-spam systems these two sources have been relatively easy to deal with, as they can both be... (>) |
|
|
2004-11-04 GMT |
| [Update: The 9 year sentence was overturned on appeal, the spammer did go to prison for other crimes]
Jeremy Jaynes of Raleigh, North Carolina, a prolific spammer who operated using the alias 'Gaven Stubberfield' and was listed by Spamhaus' ROKSO database as being the 8th most prolific spammer in the world, has been... (>) |
|
|
2004-07-19 GMT |
| United Nations - World Summit on the Information Society
International Telecommunication Union (ITU)
Geneva, Switzerland
The message conveyed by the UN spam conference to the delegates from 60 countries was clear, spam in July was 76% of all email, is now costing national economies US$25 Billion a year, the problem continues... (>) |
|
|
2004-04-29 GMT |
| For many months the Spamhaus team have been working with teams from Law Enforcement Agencies in the United States and United Kingdom helping put together cases against the known spammers. We are very pleased to see arrests of spammers by the FTC now taking place, and look forward to the many more arrests we know are on the way... (>) |
|
|
2004-01-01 GMT |
| London, 1 January 2004
To help stop the rising tide of spam coming from illegal 3rd party exploits, the Spamhaus Project today released the Exploits Block List (XBL), a realtime DNS-based database of IP addresses of illegal 3rd party exploits, including open proxies (HTTP, socks, AnalogX, wingate, etc), worms/viruses with... (>) |
|
|
2003-11-22 GMT |
| Against the advice of all anti-spam organizations, the U.S. House of Representatives has passed the CAN-SPAM Act, a bill backed overwhelmingly by spammers and dubbed the "YOU-CAN-SPAM" Act because it legalizes spamming instead of banning it. Spam King Alan Ralsky told reporters the passage of the House bill "made... (>) |
|
|
2003-11-02 GMT |
| A new virus released by spammers on Saturday 1st November is infecting computers worldwide, and this time the purpose of the virus is to attack www.Spamhaus.org. The W32.Mimail.E virus is the latest in a string of viruses, each one released by spammers for the purpose of creating a vast worldwide network of spam-sending... (>) |
|
|
2003-05-14 GMT |
| The word Spam means "Unsolicited Bulk Email". Unsolicited means that the Recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content. But ask a spammer and he'll claim spam is... (>) |
|
|
2003-04-30 GMT |
| The State of Virginia on Tuesday 29th April 2003 enacted the toughest anti-spam legislation of any US State so far, imposing harsh felony penalties for sending spam to computer users through deceptive means. Spammers who send Unsolicited Bulk Email to or from Virginia with a bogus return address, or via exploits such as stolen... (>) |
|
|
2002-05-30 GMT |
| The European Parliament has decided to accept the Council's Common Position which would require senders of advertisements by "electronic mail" to have the recipient's prior consent. "Electronic mail" is defined broadly enough so as to include text messaging systems based on mobile telephony in addition to... (>) |
|
