Spammers steal IP addresses ... and threaten the Internet's system of trust among networks. Malware malcontents, especially spammers, are temporarily stealing IP addresses from their rightful domains and using them as their own for as little as five minutes but as long as a day.
Dave Rand, chief technologist for Internet content security at Trend Micro's US operations, argues that these illegal exploits threaten the basic trust system among the 22,000-plus networks that make up the Internet.
Spammers exploit the Border Gateway Protocol's method for presenting the unique addresses on each network by nabbing bunches of them and temporarily assigning them to their own routers -- an attack called a BGP injection.
"There's no central source monitoring all of the address blocks on the Internet," Rand says. "The only telltale sign that your addresses have been hijacked is that traffic on the network [from which they've been stolen] is reduced."
Not that long ago, the price of a router required to pull off the crime made BGP injection exploits cost-prohibitive.
"Now you can get one on eBay for 150 bucks," Rand points out. What's most dangerous, he says, is that while spammers have a hold of your IP address, they aren't merely using it to send spam -- they are your address.
Privileged information coming to that IP location is now in their hands. The ramifications, of course, are unsettling. Rand says Trend Micro is working on a protection scheme. But right now, he warns, there isn't a darn thing you can do.