British computer security firm MessageLabs has nailed down hard evidence that spammers infected "hundreds of thousands" of computers with viruses that turned those computers into conduits for sending porn and other spam around cyberspace.
"This is a massive discovery," said MessageLabs senior anti-spam technologist Matt Sergeant to the Guardian. "It completely undermines the spammers' claim that they are legitimate marketers and shows that they are nasty insidious hijackers who drive me and the vast majority of computer users nuts."
MessageLabs estimated the viruses in question were transmitted to about one million computer users over a two-day period in the first week of the month, by a spammer looking to push advertisements for incest porn, the Guardian said.
"Internet security experts and anti-spam campaigners have suspected for some time that spammers would use viruses to access computers," the newspaper continued, "but the MessageLabs investigation is the first conclusive proof."
"We've suspected it for some time now," said MessageLabs chief information officer Paul Wood in another announcement. "By cross-referencing our virus logs with our spam logs, we discovered that there were significant numbers of IP addresses from where we were stopping viruses, we were also stopping spam. Rather than using their own bandwidth, [spammers] are hijacking other people's computers."
Sergeant said the porn spam virus put spoof addresses into the "from" line, using domains said to be owned by a Hong Kong-based e-mail company, Outblaze, which has about 30 million international customers and owns domains like email.com and usa.com, the Guardian said.
"This is a very disturbing trend," said Outblaze to the paper. "For our customers it is doubly infuriating because not only are they receiving the most disgusting spam they are also discovering that their computers are being hijacked illegally to send the stuff out."
