Anyone who's been online for more than a day or two has probably received at least one email, and more likely thousand of emails, advertising "cheap OEM" (read: illegal bootlegged) software, "penis enhancement," cheap watches, and girls doing unmentionable things with cooking utensils. Anyone who's been online on a Windows computer is familiar with the zillions of computer viruses and worms out there (over 100,000 at the end of 2004), and if you're not familiar with them (and you're not running antivirus software), odds are good that your computer is infected.

These two scourges--spam and viruses--are related. Virus writers are increasingly likely to be members of organized crime; modern viruses surrender control of the infected computer to the virus author, who can either dig through it at leisure looking for confidential information (such as credit card numbers and online bankling information), or sell the infected computer's IP addresses to spammers (who then use the infected computer to relay spam) or to criminals who use the infected computer to attack or try to hack other computers (should law enforcement trace the attack back, they'll end up at the infected computer).

I've been getting increasingly aggressive over the years at tracking down and reporting spammers, and those who distribute viruses and malicious software. Recently, I've started recording the results of my anti-spam and anti-malware campaign. If you would like to keep up with what I've been doing, check out the Computer Security tag on my journal!

The Shadow Internet

A while ago, I accidentally discovered a massive security breach at an ISP called iPower Web. The hackers penetrated thousands of Web sites hosted by iPower and placed sophisticated redirectors on the hacked sites that shuttled unwary Web visitors to computer virus downloaders. I spent a lot of time tracking the redirectors, and discovered a hidden network of computers, Web hosts, and downloaders responsible for distributing compute malware. Long, and technical, but if you want to know how this stuff works, give it a read!

The Wit and Wisdom of Art Schwartz

Art Schwartz is a spammer who runs a Web site called "Perfect Shareware" in which he claims that for a small fee, you can download illegal copies of all the bootleg software you could ever want. This is the email exchange between Art and I after I reported him for spamming.

Analysis of a VX2 Infection

This is my analysis, first published in my online journal and now somewhat out of date, of an infection by a malicious piece of software known as VX2, with information about the individuals and companies that make money from malware. The techniques and the groups have changed since I wrote this, but it illuminates the kinds of complexity, and the revenue streams, you can see in adware and malware.