Tag Archives: malware


Giving a Talk on Fighting Site Abuse at the NAGW National Conference

I’ll be traveling to St. Louis this week for the National Association of Government Webmasters 2010 Conference. I’m giving a presentation there on Fighting Site Abuse with Webmaster Tools. It should be fun – I have a lot of info to share and some (hopefully) interesting demos to show everyone along the way.

I’m also very excited to talk to as many webmasters of government sites as possible over the course of the conference. We try to serve everyone who builds and maintains websites but I worry that we hear more from SEO-knowledgeable commercial sites than government, non-profit, and small business sites. I can’t wait to get more perspectives on how Google can help them, what their major challenges are, and even what their goals are in building sites. If you’re going to be there, feel free to chat with me.

If you can’t make it to St. Louis this week, and aren’t a webmaster for a government site, no worries – much of my material comes from Google Help Center articles and Webmaster Central blog posts that you can read right now:

On a personal note, it will be great to get back to the Midwest again.

How spam and malware botnets work – two papers

I read two reports today about large-scale botnets that really pointed out that security is still an open problem on the web. Recently, researchers got access to a nasty botnet, Torpig (original paper: Your Botnet is My Botnet: Analysis of a Botnet Takeover). A few months earlier researchers hijacked the Storm Worm and looked at its profitability (original paper: Spamalytics: An Empirical Analysis of Spam Marketing Conversion). Both papers are fascinating, but terrifying reads.

Some findings:

  • In 10 days, a botnet running on 160,000 machines stole credentials for over 8,000 bank accounts.
  • About 1 in 10 people who open a spam email click through to get infected by the malware.
  • 350 million spam emails resulted in only 28 sales, but the average purchase was $100.

How do these botnets get control of machines? How do they make money? Whether it’s a spammer who needs to get someone to make a purchase on a website or a scammer stealing credit card numbers, passwords, and other information, ultimately you need to get someone to a bad website. Think about all the paths you might take to different sites during the day:

  • Via a web search
  • Clicking on a link in an email
  • Going directly to a favorite site
  • Clicking through an ad

Spammers and scammers try to take advantage of all of those methods, and given the huge volumes of machines at their disposal, it’s a wonder search engines, spam filters, and advertising systems protect users as well as they do now. Between the first and third bullet points above, there’s a huge motivation to hack otherwise good sites to inject drive-by download malware – it can happen to anyone.

So what can we do about it? I think it ultimately comes down to a combination of smarter automated methods, better ways to establish trustworthiness, and removing the economic incentives for spamming, identity theft, and hacking. I have a few posts in mind about some current tools that help with the trust issue and how we might be able to build a social web of trust.

This isn’t a new discussion; Tim Berners-Lee has been writing about the web of trust since the 1990s. But all the work done since then has yet to really solve these problems. And really, so long as a few people are willing to click on a malware link or buy drugs via a spam email, it will never stop.