back to article IoT botnet Linux.ProxyM turns its grubby claws to spam rather than DDoS

An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution. Linux.ProxyM has the capability to engage in email spam campaigns with marked difference to other IoT botnets, such as Mirai, that infamously offered a potent platform for running distributed-denial-of-service attacks (DDoSing …

  1. Semtex451
    Pint

    IoT Sec

    "This isn't a surprising development" No quite.

    Just how long has the IoT security flare been lit for now?

    Who cares its pub time.

  2. Donkey Molestor X

    do not ask for whom the monkey masturbates

    Let's all give a round of applause to Linus Torvalds for declaring that security researchers are a bunch of "masturbating monkeys". He's made this and many other "SQL Slammer" moments not only possible but inevitable in his toy OS.

    1. Paul Crawford Silver badge

      Re: do not ask for whom the monkey masturbates

      Er, how is having a stupid default user-name/password and no patching policy on an Internet-of-Shit device the fault of the lead kernel developer?

    2. Notas Badoff

      Re: ... monkey masturbates

      "He's made this and many other ... not only possible but inevitable ..." Ah yes, blame Tesla and Edison for the electric chair. Right.

    3. HieronymusBloggs

      Re: do not ask for whom the monkey masturbates

      "He's made this and many other "SQL Slammer" moments not only possible but inevitable in his toy OS."

      Is this an obscure joke? SQL Slammer affected Microsoft's SQL Server, and Linux is not an OS, it's a kernel. Explanation please.

    4. JEDIDIAH
      Linux

      Re: do not ask for whom the monkey masturbates

      You don't need a PhD or a fancy title to know to avoid the kind of obviously bad things Microsoft tends to embrace despite being burned repeatedly by them. Even a VMS kernel won't help you if you do obviously stupid things in userland.

      1. Anonymous Coward
        Anonymous Coward

        Re: do not ask for whom the monkey masturbates

        "You don't need a PhD or a fancy title to know to avoid the kind of obviously bad things Microsoft tends to embrace despite being burned repeatedly by them. "

        I note that Google managed to release more patches this month for one limited Linux based OS than Microsoft did for every single currently supported product...

        1. oldcoder

          Re: do not ask for whom the monkey masturbates

          So? At least Google is fixing, and not calling them a "feature".

  3. Anonymous Coward
    Anonymous Coward

    Most unauth SMTP connects from dialup ranges are treated as spam anyway.

    Not really an issue apart from the CPU consumed by the filtering servers.

    1. xXSwolGunzXx

      Re: Most unauth SMTP connects from dialup ranges are treated as spam anyway.

      Last time I tried to make SMTP connections from my home I learned that my ISP firewalled outgoing connections. You had to send through their relay. They didn't mind my few messages, but I'm sure anyone trying to do anything substantial (legitimate or not) would get blocked and informed of the benefits of a business account with them.

      Since then I've given up direct involvement with email entirely and let the hosting provider deal with SPF, DKIM, reputation, and all that crap.

    2. Anonymous Coward
      Anonymous Coward

      Re: Most unauth SMTP connects from dialup ranges are treated as spam anyway.

      Nope. I have run a home Exchange server for a decade on a home internet connections and only very rarely is dynamic addressing blocked.

  4. FlamingDeath Silver badge
    Joke

    UPnP on by default

    So helpful

    Sometimes open on the WAN too!

  5. John Smith 19 Gold badge
    FAIL

    This is not the Linux you are looking for. This is the "code monkeys" distro.

    5 minutes to assemble

    10 minutest to build

    0 mins to test.

    It's all in the config, the defaults and the continued use of p**s poor design patterns, like hard coded default passwords copy and pasted to every device.

  6. Anonymous Coward
    Linux

    Devices infected with Linux

    "According to Dr.Web's statistics, a device infected with Linux.ProxyM sends on average about 400 emails per day"

    How does this Linux.ProxyM infect the devices in the first place?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like