I came across the blogs from PandaSoftware and F-Secure, which both report on recent developments in the spam and botnet world. The blogs give a good insight into the world behind the daily spam flood.
The blogs can be found at f-secure.com/weblog/ and blogs.pandasoftware.com/blogs/pandalabs/. Both cover broadly the same topic, which is malware of any kind (and I’m quite sure that other security companies have similar blogs, btw.). If you want to get a feeling for how spammers and botnet controllers really work, these are good sources of information.
As an example: while I knew that writing trojans and viruses isn’t that difficult these days due to build kits, I wasn’t aware that controlling botnets is maybe even easier: F-Secure’s article about the LDPinch trojan and PandaLabs’ article about the Zunker Bot both show GUIs which are plain and simple – and easy to use. Looks like even botnet controllers want to have user-friendly tools. This is impressive because it makes controlling botnets possible even for people who are not that much into computers. And this is again frightening since it lowers the entry barrier quite a bit. I mean, it even has a handy and easy-to-use update mechanism to update the bot on thousands of computers!
If you want to get into the topic in more detail, you can also read the “MPack uncovered” report (PDF). It covers the MPack tool, which attacks web page visitors with a set of known vulnerabilities depending on the configuration of the visitor’s machine.
Another part I found quite interesting was a report about XRumer, a tool used to post stuff to forums – and to bypass captchas. I have to admit that I find it more and more difficult to read today’s captchas, and seeing that tools like XRumer can read them anyway makes me wonder why not everyone switches over to more Akismet-like mechanisms.
Anyway, both blogs are worth keeping an eye on if you want to follow botnet development – although it might even depress you to see how professional these people are today and how little can be done at the moment.