As a result of anti-aspam block lists, many spammers have now taken to various methods of hijacking unsuspecting users' computers to do their dirty work. These range from the ancient "open relay" to outright hijacking and trojans.
Using somebody elses' computer to do your dirty work -- without their permission is hacking. It is hacking with the intent of financial gain.
To my knowledge, this is a criminal offence in most jurisdictions. Forget about prosecuting these people for misleading and advertising and spamming people, let's nail them for hijacking people's computers.
This process is not necessarily without cost to the victims.
Lets consider a user with a 1.5megabit broadband connection. Once these spam hackers gain access to a box, they tend to saturate their bandwidth for as long as the connection is useful. If you do the math (or have a Linux box with the 'units' command), it turns out that 1.5megabits/second is 493 gigabytes/month. At a relatively reasonable $2/gigabyte transfer charge, that comes to almost $1000 worth of bandwidth per month. Multiply that by the scores of connections that can be controlled by a 100megabit backbone connnection, and you have some seriously nasty pilferage.
On the basis of this seriously nasty pilferage, I think that you could put some of these spammers away for a number of years.
This is not just random ramblings. I've seen customers' machines hijacked in this manner, and my own analysis of spam sources indicates that spammers seem to be making use of a surprising number of random IP addresses -- even for identical spams. This seems to point to the fact that these tactics are relatively common.
What is needed is someone willing to take this base data, mount a criminal investigation, and lay charges against these people.
|