33 percent of all spam ended yesterday

Sort of….

The FTC (Federal trade Commission) won a preliminary legal victory against the world’s largest spam gang  by persuading a Chicago Federal court to freeze the gangs assets and to order their spam network shutdown.

The spam gang, known by spamfighting agencies as HerbalKIng, had a networks of 35,000 computers which which could send out 10 billion spam messages a day.  Many of these computers were owned by people who didn’t know their computers had been remotely commandeered to send email on behalf of the spammers.  The network had ties in the United States, China, India, New Zealand, and Australia. The network was referred to as the “Mega-D Botnet”.

If you’re unfamiliar with the term “botnet, here’s an explanationation from SearchSecurity.com:

A botnet (also known as a zombie army) is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions (including spam or viruses) to other computers on the Internet. Any such computer is referred to as a zombie – in effect, a computer “robot” or “bot” that serves the wishes of some master spam or virus originator. Most computers compromised in this way are home-based. According to a report from Russian-based Kaspersky Labs, botnets — not spam, viruses, or worms — currently pose the biggest threat to the Internet. A report from Symantec came to a similar conclusion.

The network was purportedly responsible for a third of all spam at one point, and had been collecting $400,000 in Visa charges in one month.

The spammers had been sending messages hawking various pharmaceuticals and male-enhancement drugs. The charges brought against them are more than just spamming counts, but the charges also include making false claims about their product, selling pharmaceuticals without a prescriptions or doctor’s intructions, and selling drugs from countries such as Indie which aren’t regulated or approved for sale in the US.  Many of the drugs being sold had harmful side effects.

The FTC’s investigation aginst this organization had been ongoing for over 2 years.

Here’s a bio about HerbalKing from Spamhous spamfighting organization:

HerbalKing is a massive affiliate style spam program for snakeoil Body Part Enhancement scams (penis enlargement). It has also done spam campaigns for replica luxury goods, pharma (counterfeit pills) and porn. Spam arrives via botnets with spamvertised sites on “bulletproof” hosting offshore, particularly in China. The group also uses fast-flux hosting, running sites on hacked botnet PCs.

HerbalKing, with connections to India (possibly due to pharmaceutical supplies), rivals the traditional Eastern European spam gangs for volume and criminal botnet methods of its spam. “Tulip Labs” appears to be the source of HerbalKing’s herbal remedy products. The main operation may be run out of New Zealand or Australia by long-time spamming brothers Lance & Shane Atkinson. (see: http://www.geekzone.co.nz/juha/2237 )

There are hundreds of SBL listings related to HerbalKing but some may not be linked to this ROKSO due to the tremendous number of identities and domains used by the program. Lists of domains should be considered examples of that abuse of domain name space, not comprehensive lists of their registrations.

Read more at the FTC‘s web site; the NY Times; and the ars technica web site.

Post Comments or Questions with the link below. Keep up-to-date with Skylarking: By Email or RSS Newsfeed or on Twitter. You can also send questions with my email form.


  1. Philip says:

    Don’t you think that part of the issue here isn’t the fact that we have people out hacking machines, turning them into “zombies” and sending out spam, but rather we haven’t educated the public enough to ask them to ensure their connection is secured? I’ve run into many people in helping them with their personal network issues, who don’t believe in firewalls, wifi security, or antivirus, their excuse is always the same “I’ve got nothing on my machine that’s of any use to anyone else, let them hack it”, but what these people don’t realize is that in allowing people to hack their machines (which happens in minutes of on a unsecured unpatched machine being placed on the internet, I’ve done it as a test).

    I’m not sure if the problem is with Microsoft, Apple, or other providers, or if it’s with the end-users (the problem of course is if the OS manufacturers make the system too secure the people can’t use it properly). I believe like the perils of cigarette smoking, driving drunk or without a seat belt, people need to be educated in the harm they are causing others, when they place their machines up on the internet with no security.

  2. Thanks for writing, Philip. Excellent comments.

    There are several problems with computer security issues. The hackers who knowingly or not break the law by hacking and hijacking computers for illegal purposes — that includes the companies who create trojan software posing as security enhancing programs.

    Yes, there is a large segment of the computer owning public that isn’t aware of these “zombie” or “botnet” systems. The terms alone seem laughable to many, and thus less likely to take the threat serious.

    You are right about unprotected computers on the Internet get compromised very rapidly. A person’s choice of web sites will certainly expedite the process. I have heard the “compromised in minutes” reports. Regardless, any unprotected computer with an Internet connection is going to be in trouble within days, and I have known owners not to be aware of it for months. Specially with spyware which is dsigned “not to be noticed”. A high profile spy isn’t a good spy.

    Most owners worry about hackers gaining access to their personal data, and are unaware that their computer — Apple or PC — can be hijacked. Certainly ID theft and computer break-ins get a lot more press.

    Of course, more people talk about ID theft, but how many times does a person conversationally ask, “Did you renew your anti-virus subscriptions this year?” The question seems strange because it never gets asked.

    Lastly, too many families leave the computer security problems to the kids to handle when the parents could very quickly educate themselves about computer security by picking up an issue of PC World or some such magazine at any newsstand.

    Thanks again for you excellent comments. Keep ’em coming! And I’ll check out your blog, too.

Leave a Reply

Your email address will not be published.