4

Got IM Spam?


Posted by Artem Russakovskii on November 24th, 2008 in Stuff

image Everyone hates spam, right? Right, well maybe except for security researchers – it pays their bills. But the rest of the sane world does, and so do I, and while gmail has figured out a way to deal with the problem 99.9% of the time, nobody invented instant messenger anti-spam solutions yet [I think].

Lately I have been getting increasingly annoyed with a certain unexplainable, persistent, and surprisingly intelligent botnet on AIM. From time to time I would get messages from some sort of a fish variation. My list so far consists of the following IM names:  CroppedCoho, FortifiedTrout, FreshenedupTrout, FrozenSolidTrout, HandcuffedCoho, KissableCoho, PreferentialCoho, SmarterCoho, TentativeCoho, WantedCoho, and YoinkedTrout. Does it look annoying already? Well, it is.

Each of the conversations would start out casually, the bot would respond quite wittily and intelligently, and the whole conversation would eventually either lead to me getting pissed off or the bot promoting reddit in one way or another. What is reddit’s affiliation with this botnet? I’d like to know myself.

Here’s an example of one conversation:

(1:15:12 AM) frenchcoho Ever watched a marmot bite a lamb to death while blindfolded? No? Well, you're sure in for a treat!
(1:15:36 AM) archon810 let me guess
(1:15:37 AM) archon810 trout?
(1:15:50 AM) frenchcoho i think so.
(1:16:06 AM) archon810 #reddit?
(1:16:33 AM) frenchcoho what about it?
(1:16:41 AM) archon810 it's gay
(1:16:44 AM) archon810 like you
(1:16:53 AM) frenchcoho …good one?
(1:16:57 AM) frenchcoho you sure got me.
(1:17:14 AM) archon810 run along now
(1:17:28 AM) frenchcoho okay?
<blocked>

or

(8:51:25 PM) smartercoho Ever watched a marmot bite a lamb to death while blindfolded? No? Well, you're sure in for a treat!
(8:51:35 PM) archon810 fuck off
(8:51:37 PM) archon810 i hate you
(8:51:44 PM) smartercoho You don't even know me
<blocked>

or just blatantly frank:

(7:13:13) yoinkedtrout We're discussing Trout in the IRC channel #reddit on irc.freenode.org.
<blocked>

At this point I had enough. Sure – it was all very mysterious but at the same time incredibly annoying. A few seconds of googling led me to this page, with instructions of how to stop the nonsense and a Wikipedia link that finally shone some light on the puzzle.

(9:51:18 AM) handcuffedcoho Hey, let's be friends.
(9:54:29 AM) archon810 $optout
(9:54:32 AM) handcuffedcoho OPERATOR: Are you sure you want to opt-out? If you do, you will *never* be contacted again on the account "Archon810". There is *no way* to opt back in and undo this.

If you are sure, type "$optout 35DA". Remember, this is permanent and irreversible!
(9:54:44 AM) archon810 $optout 35DA
(9:54:44 AM) handcuffedcoho OPERATOR: You have opted out. The account "Archon810" will *never* be contacted again. Good bye!

Phew, and it’s over. I hope… Probably until the next smartass decides to code up a new bot variant.

● ● ●

Artem Russakovskii is a San Francisco programmer, blogger, and future millionaire (that last part is in the works). Follow Artem on Twitter (@ArtemR) or subscribe to the RSS feed.

In the meantime, if you found this article useful, feel free to buy me a cup of coffee below.



Share
  • http://blog.w2.ro necenzurat

    long live programming 😀

  • .

    care to provide some facts on how spam pays security researchers' bills..?

  • http://beerpla.net Artem Russakovskii

    Sure. It gives them things to do and research. Without security related problems, security researchers would have nothing to do. It takes crime to have police.

  • brandon alan scofield

    I use skype and yahoo instant messenger … I hate when I found out that I chat with a machine promoting a website 🙂 …