Apr 19, 2007 11:51 AM

Big Corps Busted Hosting Spam Zombies on Their Networks

Support Intelligence, a networking monitoring company, is busting some of the world’s largest corporations for having malware-infected or PWNED machines that are spewing spam from within corporate firewalls. Using spam honeypots (fake email addresses left laying around the internet for a spam bot to find) and reverse IP addresses lookups from spam headers, the company […]

boalogo Support Intelligence, a networking monitoring company, is busting some of the world's largest corporations for having malware-infected or PWNED machines that are spewing spam from within corporate firewalls. Using spam honeypots (fake email addresses left laying around the internet for a spam bot to find) and reverse IP addresses lookups from spam headers, the company has fingered Bank of America, Toshiba, Aflac (I never trusted that duck), AIG, and Business Week among others for having compromised machines on their networks.

UPDATE: AFLAC says it's network wasn't infected, saying it found that the spam came out of their network via an employee's infected home machine that connected to the AFLAC network through a VPN.

We have observed many months of good behavior from BofA but starting on April 2, 2007 a lone system named system6.bofasecurities.com [63.80.4.6] got infected with something nasty. The situation lasted until the evening of April 6th. During this time we collected 226 SPAM.
Support Intelligence wasn't the only place that noticed this box spew,System6 was blacklisted by CBL, TQM 3, and UCEProtect. We also note that this same system has been blacklisted by SpamHaus before on 2006-12-31 and 2007-03-30.
None of the Spam we collect from System 6 had any Received headers so we believe all the mail to have originated from hosts outside of Bank of America, probably via socks proxy - so lets be clear that this appears to be a casual penetration of [our attorney has encouraged us to leave this space blank]

Via TaoSecurity via Emergent Chaos, both of which have more...

Ryan, a former writer for Wired's Epicenter blog, is the editor of the Threat Level blog. ... Read More

Staff Writer

TopicsCrime Threat Level

US Takes Down Botnets Used in Record-Breaking Cyberattacks

The Aisuru, Kimwolf, JackSkid, and Mossad botnets had infected more than 3 million devices in total, many inside home networks, according to the US Justice Department.

Andy Greenberg

Using a VPN May Subject You to NSA Spying

US lawmakers are pressing Tulsi Gabbard to reveal whether using a VPN can strip Americans of their constitutional protections against warrantless surveillance.

Dell Cameron

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.

Andy Greenberg

CBP Facility Codes Sure Seem to Have Leaked Via Online Flashcards

The Quizlet flashcards, which WIRED found through basic Google searches, seem to include sensitive information about gate security at Customs and Border Protection locations.

Sammy Sussman

Livestream Replay: The War Machine

A panel of WIRED experts dissected the defense tech industry’s impact on modern warfare.

Tim Marchman

Your Vape Wants to Know How Old You Are

Companies hope that biometric age-verification tech in cartridges could put flavored vapes back in business. But it's unlikely to solve the real problems.

Boone Ashworth

Tech Companies Are Trying to Neuter Colorado’s Landmark Right-to-Repair Law

A bill in Colorado is a glimpse into the future of how corporations are working to limit the freedom people have to make their own fixes and upgrades.

Boone Ashworth

Politicians Are Spending More Money on Security as They Increasingly Become Targets

Political candidates are purchasing more home alarms, bulletproof vests, and other protections amid rising fears of political violence.

Maddy Varner

Iranian Hackers Breached Kash Patel’s Email—but Not the FBI’s

Plus: Apple makes big claims about the effectiveness of its Lockdown Mode anti-spyware feature, Russia moves to implement homegrown encryption for 5G, and more.

Andrew Couts