Phishers and spammers are streamlining
Antivirus specialist Avira has noticed a strange wave of spam. This new flood involves messages that only contain a few digits both in the subject line and in the body of the e-mail -- no other text or links. The recipient is simultaneously given as the alleged sender. Heise has also already received a large number of such e-mails. Avira's virus expert Gernot Hacker believes that this campaign is an attempt on the part of spammers and/or phishers to rid their giant address books of useless e-mail addresses that e-mail gateways reject anyway. After all, failed attempts waste time and bandwidth.
While this theory would explain why the e-mails apparently have no content, we should not jump to conclusions. To obtain the desired information, a special module on the bot computers that send out the spam would have to log and analyse the resulting SMTP dialogue with the server. While it is common for bot clients to reload and execute new software from the Internet if commanded to do so, Avira does not know of any special address testing module, as Hacker admitted when asked by heise Security. The only way to find out for sure what role these mysterious numbers play would be to analyse one of the zombie computers or the program running on it.
Update:
Symantec has indeed found a new Beagle variant that verifies e-mail adresses.
(ju)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
