Escher Auernheimer, a security analyst with Goatse Security, said in an interview today that his firm “did the right thing” by going public about the hole in AT&T’s website.

UPDATE: AT&T sent a letter to Apple 3G iPad owners over the weekend that shed some light on AT&T’s position on the hack, according to a report in the New York Times. “On June 7 we learned that unauthorized computer ‘hackers’ maliciously exploited a function designed to make your iPad log-in process faster by pre-populating an AT&T authentication page with the email address you used to register your iPad for 3G service,” wrote Dorothy Attwood, a senior vice president and chief privacy officer at AT&T.

“The hackers deliberately went to great efforts with a random program to extract possible ICC-IDs and capture customer email addresses. They then put together a list of these emails and distributed it for their own publicity,” Atwood said.

Meanwhile, Goatse’s Auernheimer says the researchers went public with their findings via the Gawker website after AT&T fixed the flaw. They handed over the email address finds to Gawker, but stipulated that the site not publish the actual email addresses. “Our disclosure process was extremely proper and above and beyond,” Auernheimer says. “Many researchers do not wait for patches” before they disclose, he says.

“What influenced our decision was that there were so many people who were stewards of important infrastructure on the public and private list [exposed],” he says. “Someone else could have scraped this data.”

According to Auernheimer, his team got the data without a password or actual breach/intrusion. The researchers wrote a PHP script that grabbed the email addresses from the errant AT&T script. “It’s not uncommon to see this type of vulnerability,” he says.

The FBI’s involvement could be due to the high-profile iPad customers whose email addresses Goatse discovered, Auernheimer says. “We haven’t had any contact” with the FBI, however, he says. Meanwhile, the FBI issued this statement: “The FBI is aware of these possible computer intrusions and has opened an investigation to address the potential cyber threat.”

Among the email addresses Goatse was able to access were that of White House Chief of Staff Rahm Emanuel, New York City Mayor Michael Bloomberg, U.S. Air Force Col. William Eldridge, and New York Times Co. chief executive Janet Robinson, according to Gawker.

Security experts at Praetorian published the script written by Goatse. It basically grabs email addresses via the integrated circuit card identifiers that associate the iPad SIM card to a subscriber: “An e-mail address gets returned in the successful iterations (active ICCID) and parsed. There’s no hack, no infiltration, and no breach, just a really poorly designed web application that returns e-mail address when ICCID is passed to it,” Praetorian’s Daniel Kennedy blogged on Wednesday.

Meanwhile, Auernheimer has taken issue with AT&T’s claims that his firm acted maliciously. He says he released a semantic integer overflow exploit for Apple Safari in March, which was later patched on Apple’s desktop Safari but has not yet been fixed for the iPad.

“This bug we crafted allows the viewer of a webpage to become a proxy (behind corporate and government firewalls!) for spamming, exploit payloads, password bruteforce attacks and other undesirables. The kicker is that this attack cannot be detected by any current IDS/IPS system,” he blogged yesterday. “We released this in March, mind you, and Apple still hasn’t got around to patching this on the iPad! I know through personal experience that the patch time for an iPad vulnerability is over two months and counting. Given that, the number of parties which probably have active iPad exploits likely numbers in the hundreds, if not the thousands. The iPad simply is not a safe platform for those that require a secure environment.”

New data gathered from users of a free smartphone security tool shows the bad guys are increasingly going after smartphone users. According to Lookout, which offers a free lightweight mobile client with cloud-based security, backup, and anti-theft features, there were about nine pieces of malware and spyware per 100 smartphones as of last month — more than twice as many as in November 2009.

Even more worrisome is how rapidly these threats are hitting smartphones in comparison to the desktop: What took 15 years to evolve with the desktop machine is happening practically overnight in mobile handsets, security experts say. “We call this the 1999 factor: It feels like about 10 years ago in terms of prevalence of threats. There was a tipping point between 2000 and 2002 [for PC threats] that was driven by broadband” and more consumers going online, according to John Hering, CEO and founder of Lookout, formerly Flexilis. “The same trends are going to hold true here [with smartphones].”

Tyler Shields, senior security researcher with Veracode, says he has seen a definite uptick in malware arriving for smartphones during the past few months. “It’s coming at a much faster rate now. It’s difficult to quantify the amount of growth,” however, he says. Shields earlier this year developed and released proof-of-concept source code for a spyware app he created that forces a BlackBerry to hand over its contacts and messages. The spyware can also can grab text messages, listen in on the victim, as well as track his physical location via the phone’s GPS.

Spyware is the main type of malware Lookout sees being created for BlackBerrys, while Windows Mobile phones suffer more from traditional malware, and Androids from a little of both, according to Lookout’s data. “We’re seeing a pretty equal spread [of the threats] across these platforms,” Lookout’s Hering says. The firm doesn’t yet support the Apple iPhone in its app, so data on the iPhone isn’t included.

Why mostly spyware on the BlackBerry? Veracode’s Shields says it might be due to the heavy corporate use of BlackBerrys, which would make any data lifted from them more easily monetized. “The type of data on a BlackBerry generally is going to be corporate-centric and could be of interest to attackers,” he says.

A recent malware attack against Windows Mobile phones basically took an existing, legitimate smartphone app and booby-trapped it with malware: The 3D Anti-Terrorist app game for Windows Mobile was rewritten with auto-dialer malware, according to Lookout’s Hering. The app basically fires up the auto-dialer malware when the user runs the game. “It sits dormant for hours or days, and then wakes up and calls numbers at a premium rate — from Somalia to the South Pole,” for instance, he says. “The victim is then incurring charges but doesn’t notice until [he] receives the phone bill.”

A Windows codec and poker app also were hijacked, copied, and repackaged with malware. The apps are being distributed via typical mobile download and app store sites, such as sharewareplaza.com, geardownload.com, myzips.com, and top4download.com. “We’re seeing the same evolution on mobile as on the desktop: It’s going from notoriety [purposes] to trying to profit,” Hering says.

The malware attack vector being used against smartphones isn’t the SMS or email spam that was all the rage in the early days of mobile attacks. Instead, it’s following smartphone user behavior trends and exploiting downloadable applications, experts say. “Users are downloading apps at a huge pace,” Hering says.

And smartphones are actually more “personal” than PCs. They include GPS location, payment information, email, text messages, and records of who a user communicates with. Hering says today’s smartphone malware is all about grabbing personal information and, now, attempting to monetize it. “On the spyware side, you can imagine an app grabbing personal data that you’re unaware of [occurring] and transmitting that to a third-party location” where it can be resold, for example, he says.

Meanwhile, enterprises should be aware of the risks of breaches via their smartphone users. “They should be worried about this,” Hering says.

But the likelihood of another Operation Aurora-scale targeted attack isn’t as likely to hit via the smartphone just yet: “At this point in time, the PC [attack] model is so much easier and faster. I don’t foresee that level of coordination to target mobile devices at this point,” Veracode’s Shields says.

Apparently the Board Member, investor Jim Breyer, has had his Facebook account suspended over the spam. “Users whose accounts have been compromised are put through a remediation process, where they must take steps to re-secure their account and learn security best practices,” a Facebook official told leading financial industry blog PEHub yesterday, “This is what happened with Mr. Breyer’s account.” If Facebook becomes all the more awash in scams and spams, this may be a key symbol of when the tide turned and it became too much.

In as much as Facebook has brought push-button publishing and social graph technology to hundreds of millions of people around the world for the first time – this is a big challenge the company is going to have to deal with in order for its service to have maximum, long-lasting impact on our culture.

Can Facebook kill the spam? Facebook does have a unique advantage over email, the company points out. When a message from a source is discovered to be spammy, the company can zap it system-wide all at once. Apparently that’s only proven so effective so far, though.

If every social network rises and falls, though, effectively tackling this problem may be important to protecting the Facebook user experience from “pulling a MySpace.” When the problem reaches the very top of the company, it may be time to be concerned.

MySpace took big steps to kill spam years ago, but not until it was too late and the company’s reputation was set. Can Facebook save itself from a similar fate? We’ll see.

In its April 2010 security report, Symantec said it has detected 36,208 unique strains of malware that were designed to carry out targeted attacks.

MessageLabs, which was acquired by Symantec later, was the first one to raise the alert on the Love Bug virus, which was designed to overwrite and destroy data. The virus came in the form of a message attachment when, once opened, sent itself to the addresses of the email recipient and spread on from there.

Ten years since Symantec Hosted Services, then MessageLabs, intercepted 13,000 copies of the virus in a single day on 4 May 2000, MessageLabs Intelligence said it now stops 1.5 million copies of malicious e-mails each day.

“Although mass mailing viruses like the Love Bug are rare today, cyber criminals’ techniques have evolved to more malicious, highly targeted attacks and they are motivated less by achievement and credibility than by financial gain and identity theft,” Symantec said in a statement. “On 4 May, 2000, 1 in 28 e-mails contained the Love Bug virus. By comparison, 1 in 287.2 e-mails contained a virus on 9 April 2010, the peak for April. In April 2010 overall, MessageLabs Intelligence intercepted 36,208 unique strains of malware.”

“The Love Bug was operating in the wake of the Melissa virus, a similarly destructive worm from the previous year,” said MessageLabs Intelligence senior analyst Paul Wood. “Back then, users were less savvy, regarding the dangers posed by suspicious e-mail attachments and e-mails from unknown senders. The general public was also less aware of issues such as spam and denial of service attacks.”

Bot Attacks

The April 2010 MessageLabs Intelligence Report also revealed that Rustock has surpassed Cutwail as the biggest botnet both in terms of the amount of spam it sends and the amount of active bots under its control.

The report noted that Rustock has reduced the output of individual bots by 65 per cent but increased the number of active bots by 300 per cent, thus, making up for the decreased output. Meanwhile, Cutwail has reduced in size to 600,000 bots from two million bots in May 2009 and is now responsible for only four per cent of all spam. “Rustock remains the largest spam-sending botnet responsible for 32.8 per cent of all spam,” the report read.

“Affected by the closure of ISP Real Host in August 2009, Cutwail likely lost the ability to update some of its bots causing its numbers to diminish greatly without the ability to recover,” said Wood. “As a result, Rustock has taken over significant volumes from spammers by undercutting the market with greater capacity and lower operational costs.”

Spam

Worldwide, the spam rate this month was pegged at 89.9 per cent, a drop of 0.8 per cent from the previous month. In the region, Malaysia and Singapore also saw a drop in the spam rate to 87.7 per cent, and 87.6 per cent respectively, the report added.

“Spam is more commonly sent from computers running Windows than from those running other operating systems,” Wood said. “However, spam not identified as coming from botnets was seen in lower proportions coming from Windows machines than from known botnets.”

1)    Your fan kicks into overdrive when your computer is idle
This can indicate that a program is running without your knowledge and using a fair amount of resources. Of course this could also be a bunch of Microsoft updates being installed. Another problem that can cause the fan to kick in like that is excessive dirt in the computer or a failing CPU fan.

2)    Your computer takes a long time to shut down, or won’t shut down properly
Oftentimes malicious software has bugs in it that can cause a variety of symptoms, including long shut down times of a failure to shut down. Unfortunately, operating system bugs and conflicts with legitimate programs may cause the same symptom.

3)    You see a list of outbound Wall posts you didn’t send on your Facebook page (see below)

There are few reasons other than malicious software or having your account hacked that would cause this problem. If you see this happening, you definitely want to change your password and make sure you computer is not infected. Best to make sure your computer is not infected before changing your password!!! Don’t use your Facebook password on multiple sites!!!

4)    Programs are running very slowly
This can be a sign that hidden programs are using a lot of your computer’s resources. This also can be a sign of other problems. On Windows systems if there are 10,000 files or more in a single directory it can really bring a system to a crawl.

5)    You cannot download operating system updates
This is a symptom you cannot ignore. Even if it isn’t a bot or other malware, if you don’t keep your system patched your computer probably will get infected.

6)    You cannot download antivirus software updates / visit vendors’ websites
Malware often tries to prevent antivirus software from running or being installed. An inability to update your antivirus software or visit the vendor’s web site is a pretty strong indicator of malware.

7)    Internet access slows to a crawl
If a bot is using your computer to send massive amounts of spam or participate in an attack against other computers, or to upload or download a lot of data it can make your internet access very slow.

8)    Your friends and family have received e-mail message from you that you did not send
This can be a sign of a bot, other malicious software, or that your webmail account has been hacked.

9)    You receive pop-up windows and advertisements even when you are not using a web browser
While this is a classic sign of adware, bots can install adware on your computer. You definitely want to get this problem taken care of.

10)    Windows Task manager shows programs with very cryptic names or descriptions (the highlighted line is the example)

Using task manager requires some skill and research. Sometimes legitimate software uses cryptic names as well. An entry in task manager is generally not enough to identify a program as being bad. This can help you find bad programs, but many additional steps must be performed to validate you findings. Killing processes and deleting files or registry entries because you “think” it is a bot or other malware can result in the inability to even boot your computer. Be very careful of making assumptions and acting on them.

Although this doesn’t cover everything that could mean you are part of a botnet, this is a good list of the major signs you will see, and means you need to get your computer cleaned ASAP!

A botnet is a network of infected computers under the control of hackers.

The firm said that closing the domains would mean that up to 90,000 PCs would stop receiving orders to send out spam.

A recent analysis by the firm found that between 3-21 December “approximately 651 million spam e-mails attributable to Waledac were directed to Hotmail accounts alone”. It said it was one of the 10 largest botnets in the US.

Machines in a botnet have usually been infected by a computer virus or worm. Typically, users do not know their machine has been hijacked.

Microsoft said that although it had effectively shut down the network, thousands of computers would still be infected with malware and advised people to run anti-virus software. The court order was part of what was called “Operation b49″.

Along with intelligence organisation Shadowserver, the University of Washington and security firm Symantec, Microsoft managed to get a court in Alexandria, Virginia, to force Verisign, which manages the .com domain, to temporarily switch off the domains.

Microsoft said it was the result of months of investigation and described it as a legal first.

“This action has quickly and effectively cut off traffic to Waledac at the .com or domain registry level, severing the connection between the command and control centres of the botnet and most of its thousands of zombie computers around the world.”

Festi, which the researchers first started watching closely in August, is currently sending an average of 2.5 billion spam messages a day around the world — mostly pharmaceutical spam, including male-enhancement and herbal remedies, as well as jewelry and watches. The botnet has apparently pumped up the volume of spam by recruiting more bots, about 60 percent of which are in Asia, 18 percent in Europe, and 9 percent in North America, according to MessageLabs.

And its spamming volume jumped significantly during the past few days.

“Festi had been fairly invisible in terms of the amount of traffic it was sending out — each time we would look at it…it was not featured in the top 10 [spamming botnets],” says Paul Wood, senior analyst for MessageLabs Intelligence and Symantec Hosted Services. “We were quite surprised when it started increasing in significant volume over the last few days.”

But while Festi’s growth is impressive — and it’s now at the No. 5 slot — it’s still not in the league of the top five spamming botnets. According to MessageLabs, Grum accounts for 23.2 percent of all spam; Bobax, 15.7 percent; Cutwail, 11.1; Rustock, 10 percent; and Bagel, 8.2 percent. MegaD accounts for 6.8 percent of all spam, according to MessageLabs.

Joe Stewart, a researcher with SecureWorks’ Counter Threat Unit and a botnet expert, says Festi “looks like it’s up-and-coming.”

SecureWorks has a slightly different order in its top five botnets, with Cutwail at No. 1, followed by Rustock, Xarvester, Grum, and MegaD. Stewart says of the spam he monitors, Cutwail, which has a half-million bots, sends 65 percent of spam.

Festi likely infects its victims via drive-by downloads, Stewart says, and it’s somewhere around 25,000 bots. Its malware is a kernel-based spam bot, too, which isn’t typical. “It’s a little unusual when you see a brand-new spam bot come out already using rootkit capabilities and running directly out of the kernel,” Stewart says. “That suggests this person already [may] have…some experience with spam systems.”

The good news about Festi is that it’s mostly a spamming botnet, with no malicious, data-stealing malware. While this might not be considered “good news”, it is good news in the fact that it could easily be much worse. So keep your computers safe and up-to-date out there… and ALWAYS keep your antivirus software updated!

It’s a sinking feeling because there’re so many confidential documents on the computer and since most of your trusted colleagues have also left for the day, there’s no point calling them for help.

So what do you do? Drive back to Office? Well that’s not required – just take out your cell phone or switch on the laptop at home, send an email (or an SMS or a tweet) and that will instantly lock your Office workstation. And if you share the same computer with multiple people, you can use another email command to remotely log off or even shut down the computer from anywhere in the world.

There’s no magic here, it’s the power of TweetMyPC utility that lets you remote control your computer from a mobile phone or any other Internet connected computer.

It works like this. You first install the free TweetMyPC utility on any Windows PC and associate your Twitter account. The app will silently monitor your Twitter stream every minute for any desktop commands and if it finds one, will act upon it immediately. The initial version of TweetMyPC was limited to basic shutdown and restart commands, however the current v2 has a far more robust set of commands, enabling a far more useful way of getting your PC to carry out certain tasks especially when you’re AFK (Away From Keyboard).

Before we get started, it may be a good thing if you can set up a new twitter account for remote controlling your desktop and also protect the status updates of this account to ensure better security. Protecting the account means that you prevent other users from reading your tweets which in this case are email commands that you sending to the computer. To protect your Twitter profile, log in to Twitter with the credentials you want to use, click Settings and check the box next to “Protect my Updates”.

Let’s get started. Install the TweetMyPC utility of your computer and associate your Twitter and Gmail account with the application. It will use Twitter to receive remote commands (like shutdown, log-off, lock workstation, etc) from while the email account will be used for send your information (e.g., what process are currently running on your computer).

Now that your basic configuration is done, it’s time to set up a posting method. You can use email, SMS, IM, web or any of the Twitter clients to send commands to the remote computer.

By Email: Associate you Twitter account with Posterous (auto-post) and all email messages sent to twitter@posterous.com will therefore become commands for the remote computer.

By SMS: If you live in US, UK, Canada, India, Germany, Sweden or New Zeleand, you can send associate Twitter with your mobile phone (see list of numbers) and then control your remote computer via SMS Text Messages.

By IM: Add the Twitter bot – twitter@twitter.com – to your list of Google Talk buddies and you can then send commands via instant message.

By Web: If you are on vacation but have access to an internet connected laptop, just log into the Twitter website and issue commands (e.g., shutdown or logoff) just as another tweet.

Now we will look at how to download Files, capture remote screenshots & more… While the TweetMyPC is pretty good for shutting down a remote computer, it lets you do some more awesome stuff as well. For instance, you need to download an unfinished presentation from the office computer so that you can work on it at home. Or you want to download a trial copy of Windows 7 on the Office computer while you are at home. Here’s a partial list of commands that you can use to remote control the PC – they’re case-insensitive and, as discussed above, you can send them to Twitter via email, SMS, IM or the web.

Screenshot : This is one of the most useful command I’ve come across after the shutdown command. Want to know what’s happening within the confines of your PC when you’re not around? Just tweet screenshot and TweetMyPC will take a screenshot of your desktop and post it to the web (see example).

ShutDown, LogOff, Reboot, Lock : The function of these useful commands is pretty obvious from their names.

Standby, Hibernate : Don’t want to shutdown the remote PC? Save power by entering standby mode with this command. Or hibernate your PC with a tweet, thereby saving even more power.

Download <url> : You can download any file from the Internet on to the remote computer using the download command. For instance, a command like download http://bit.ly/tCJ9Y will download the CIA Handbook so you have the document ready when you resume work the next day.

GetFile <filepath> : The Download command was for downloading files from the Internet onto the remote computer. However, if you like to transfer a file from the remote computer to your current computer, use the GetFile command. It takes the full page of the file that you want to download and will send that you as an email attachment. If you don’t know the file page, use the command GetFileList <drivename> to get a list of file folders on that drive.

GetProcessList : This is like a remote task manager. You’ll get a list of programs that are currently running on the remote computer along with their process IDs. Send another command kill <process id> to terminate any program that you think is suspicious or not required.

Conclusion:

TweetMyPC is a must-have utility and you never know when you may need it. And if you have been trying to stay away from Twitter all this time, the app gives you a big reason to at least create one protected account on Twitter.

That said, there’s scope for improvement. For instance, the app will wait for a minute to check for new messages in your Twitter stream so it’s not “instant”. The developers can actually increase that limit because the Twitter API now allows upto 100 checks per hour. And since the app is dependent on Twitter and Gmail, it will not work during those rare fail-whale moments.

In a Federal Trade Commission (FTC) law enforcement action, the court found that the five defendants, located in Canada and St. Kitts, violated the FTC Act and CAN-SPAM Act by participating in the spam operation. The court order bars the defendants from violating the CAN-SPAM Act and from making false or unsubstantiated claims about the health benefits of any food, drug, or dietary supplement.

The FTC charged that the operation used spammers to drive traffic to Websites selling an extract of the Hoodia gordonii plant it claimed would cause significant weight loss, and a “natural human growth hormone enhancer” it claimed would reverse the aging process. The FTC alleged that these claims were false or unsubstantiated, and charged the defendants with deceptive advertising in violation of federal law. It also alleged that the spammers sent e-mail that contained false “from” addresses and deceptive subject lines, and that they failed to provide a required opt-out link or physical postal address.

The case, filed by the FTC in October 2007, marked the first time the agency invoked the US SAFE WEB Act, a federal law designed to protect consumers from cross-border fraud and deception. The legislation enhances the agency’s ability to exchange information with foreign counterparts and helps protect consumers from cross-border spam and spyware distribution, as well as Internet fraud and deception. The FTC’s complaint charged eight defendants — Spear Systems (a U.S. company), three other corporate defendants, and four individuals.

The FTC settled with three defendants in the case — Spear Systems and two individuals, one in the United States and one in Australia — in May 2008. The agency was unable to reach settlements with the remaining five defendants, who are the subject of the court order announced today: Xavier Ratelle and Abaragidan Gnanendran, of Quebec, Canada; and corporate defendants 9151-1154 Quebec, Inc., 9064-9252 Quebec, Inc., and HBE, Inc. The final orders were entered by the United States District Court for the Northern District of Illinois, Eastern Division.

Although this seems to be a win for the good guys, the bad news is that something like this doesn’t even make a small dent in the problem of spammy emails that flood our inboxes from day to day. We can only hope for more and more of these types of cases to come up because over time, people might actually start to shy away from these methods if the penalties are too high.

The simple attack begins with an email message bearing the subject line “Hello,” according to Fred Touchette, senior security analyst at AppRiver. The body of the message reads, “Check areps.at” The message then offers a Facebook link to reply to the message. When users click on the link, they are brought to a fraudulent Facebook page that requests their account information and then routes them to their own Facebook page as it captures the login data, Touchette says. In some cases, the attackers use the login data to immediately change the users’ passwords, effectively locking them out of their accounts.

In addition to areps.at, AppRiver has spotted the same attack coming from several other sources, including bests.at, brunga.at, kirgo.at, nutpick.at, and fcoder.at. These sources bypass some spam filters because they are not structured as full URLs, AppRiver researchers say. The phishing attack is surprisingly simple and not particularly well-concealed, Touchette observes. For example, it doesn’t require CAPTCHA authentication — which Facebook usually does — and the destination URL of the fraudulent login page does not contain the word “Facebook” — which the real logon page does, he notes.

“We’re not sure what the [phishers] were thinking, using such a simple attack and then locking users out of their accounts,” Touchette says. “Usually, in more sophisticated [exploits] the attacker would quietly maintain access to the account for as long as possible, rather than tipping off the victim.”

Both AppRiver and Cloudmark researchers say they expect to see more such attacks on Facebook because of its popularity and the site’s viral nature of communications, which makes it easy for attacks to spread. “Phishing and spam will continue to increase on social networks as users migrate large portions of their Internet activity, such as email, to these properties,” says Adam O’Donnell, Cloudmark’s director of emerging technologies. “Finding a cost-effective mechanism for remediating phished accounts is now a priority for Facebook and other social network sites. They need to figure out how to reset these people’s passwords and contact them without priming their user population for an email-based phishing attack.”

So if anything can be learned from all of this… Don’t ever trust emails from “social websites” that end up asking you for any type of information, or simply link you to another website other than the one it says it is coming from! So stay safe!

Once a computer is infected with Gaptcha, the worm launches the Internet Explorer browser and goes to Gmail’s new account registration page. It begins to fill in random names of fictitious users. When confronted with a CAPTCHA, the worm sends the image to a remote server for processing, wrote Do Manh Dung, senior malware researcher, on the BKIS blog.

A CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart) is the distorted text that a person must solve before a new account can be created. It used to be hard for computers to translate the text, but improvements in OCR (optical character recognition) technology have overcome that barrier. In some cases, spammers are believed to employ people in low-income countries to figure out the CAPTCHA in order to gain new e-mail accounts. Once a new registration is complete, the account details are then e-mailed to a spammer. After too many account registrations, Google will eventually block the particular computer creating the accounts. The worm then removes itself, Dung wrote.

Google officials that were contacted in London did not have a comment on the latest worm, but it and other companies that provide free e-mail accounts have been besieged over the last few years by spammers using sophisticated techniques to create fake accounts. Free e-mail accounts are valuable to spammers. E-mail sent from those accounts has a better chance of making it past antispam filters since it comes a trusted domain, although companies use other methods such as text analysis to pluck out rubbish e-mail.

The bad news for those of us who know enough not to get infected with this new worm still have some things to be worried about sadly. Even if you keep yourself safe and your computer secure, in the end we all will still have to deal with the ever increasing number of spam emails.