Dark Reading: Attackers Hide in Fast Flux

Criminal organizations behind two infamous malware families -- Warezov/Stration and Storm -- in the past few months have separately moved their infrastructures to so-called fast-flux service networks, according to the Honeynet Project & Research Alliance, which has released a new report on the emerging networks and techniques.

So what is fast-flux?

Fast-flux is basically load-balancing with a twist. It's a round-robin method where infected bot machines (typically home computers) serve as proxies or hosts for malicious Websites. These are constantly rotated, changing their DNS records to prevent their discovery by researchers, ISPs, or law enforcement.

"The purpose of this technique is to render the IP-based block list -- a popular tool for identifying malicious systems -- useless for preventing attacks," says Adam O'Donnell, director of emerging technologies at security vendor Cloudmark.

Well, crud.

InfoWorld: Confessions of a former spammer

This is buried near the end of the article, but I think it's the most important line.

As broadband speeds increase, spammers will increasingly look to market goods by making VoIP calls or sending out videos, Ed said. The ultimate unsolvable problem is users, who continue to buy products marketed by spam, making the industry possible.

The problem with fighting spam is that we are going after the middle men, not the people who provide the supply - unscrupulous peddlers - and those who provide the demand - people who fall for spam.

----------
Correction: This article was originally posted as "Tuesday Links", despite the fact that we wrote and posted it on a Thursday. You ever have one of those days that... actually turns out to be another one of those days? -- ed.