Thanks for the heads up
Thanks for the heads up El Reg.
As usual, all your virus articles are much appreciated!
Sneaky hackers are using Gmail and Yahoo! drafts to control compromised devices, with the tactic designed to make detection of malware-related communications more difficult to pick up in enterprise environments. Attacks occur in two phases. Hackers first infect a targeted machine via simple malware that installs Python onto …
Public notice
A dangerous virus called 'Python' was discovered on the school's computers by expert system administrator, Mr. Dummschmuck von Bluntknapp. The pupils responsible for this will be obliged to pay the full costs for its removal, and be expelled immediately.
Signed: Drively K. Bletheringskite, Esq, Headmaster.
Topic was reported recently, even in the Register. Why the revival today?
Anyway, we actually could do something about the spam problem. Unfortunately, it would require better tools so that we could help break the spammers' business models, and the companies that could provide such tools obviously don't care that much.
I know the google has gone EVIL, but I don't know how they are profiting from supporting the spammers. I guess that Microsoft supports the spammers out of professional courtesy, while Yahoo is too incompetent to worry about anything except scheduling their bankruptcy.
"the hacker uses drafts to ensure no mail ever crosses the firewall" (said a security firm). That escapes me. If a draft mail (having commands for or results from the compromised device) needs to be passed between a drafts folder on the web and that compromised machine (how would the malware get instructions?), that message will be transferred using one of the well-known mail protocols for doing so. Those can be inspected by firewalls, and AV software may also sit in between? Results may vary, depending on the encryption of the payload.
It may not be spotted by Yahoo or Gmail if they only check incoming and outgoing mails.