MAAWG Attacks BotNets with Walled Garden Best Practices to Protect Users

    SAN FRANCISCO, Oct. 5 /CNW/ -- Taking aim at the bot and zombie malware
that turns unsuspecting users' computers into dangerous spam and identity
theft networks, MAAWG has issued the first best practices developed
cooperatively by major Internet and email service providers for managing
infected subscribers.  The "MAAWG Best Practices for the Use of a Walled
Garden" provides recommendations for directing customers to a safe online
environment where downloadable self-remediation tools can help users remove
the malicious code installed on their computers.
    (Logo: )
    "The industry needs to define best practices to address this problem just
as a public health department would define quarantine procedures for a
biological infection that is affecting its citizens.  These best practices are
the first effort at unifying and educating ISPs and service providers on how
to effectively confront this rapidly spreading malware," said Scott Chasin,
editor of the MAAWG walled garden recommendations and MX Logic, Inc. chief
technology officer.
    Wall gardens are closed online environments created by service providers
where subscribers can safely disinfect their systems.  When subscribers with
infected computers try to access the Web, their browsers are automatically
redirected to a protected environment provided by the ISP where the malicious
code can be securely purged.  The MAAWG best practices recommend these walled
garden sites include downloadable tools that allow users to remove the malware
themselves and that once the malicious code has been deleted subscribers' Web
access be easily restored.  According to the best practices, end-user
education should be a priority.
    "Infected subscribers are facing a real menace but have no idea they have
been compromised unless they notice their computers are running a little slow
or the malware shows up in an anti-virus scan," said Chasin.
    Addresses Significant Source of Spam and Fraud
    Currently, a large percentage of spam is sent through these ill-gotten
networks.  According to Richard Cox, the Chief Information Officer at the
Spamhaus Project, a nonprofit that tracks malicious online activity and whose
representative serves as a MAAWG senior advisor, "Every day -- day in, day out
-- we see between 750,000 and 1.2 million new IP addresses, proxies and botnet
zombies attempting to send spam.  This does not mean they are all new
infections, as infected PCs tend to move around the Internet IP address space
of the users' ISP."
    In a botnet, malware from various sources, such as a contaminated email
or malicious code downloaded from a malignant Web site, is unknowingly
installed on users' computers.  Once deployed, the "bot" or "zombie" machine
is controlled by commands from a "bot master," a person who uses the infected
network to send spam or carry out fraudulent activities.  The malicious code
is often designed to run in background mode, so subscribers with polluted
machines are usually unaware their systems are sending large quantities of
    The surreptitious networks can range from a thousand infected computers
to hundreds of thousands and also can be used to launch Distributed Denial of
Service (DDoS) attacks that prevent legitimate users from accessing a targeted
Web site.  Among other threats, the malware might also include a "key logger"
to record users' keystrokes and capture passwords or sensitive financial
information that is forwarded to identity thieves.
    Chasin said, "This is the first step and we'll continue to drive peer-to-
peer discussions on this issue.  Service providers are becoming more
sophisticated in their approach to botnets, and they realize the benefit to
both themselves and the broader online community as they educate subscribers."
    The "MAAWG Best Practices for the Use of a Walled Garden" outlines
criteria for entering and exiting closed safe environments, recommendations
for convenient end-user self-remediation, and practices to make end-user
education a primary focus. The document is available on the MAAWG Web site at
    About the Messaging Anti-Abuse Working Group (MAAWG)
    The Messaging Anti-Abuse Working Group (MAAWG) is where the messaging
industry comes together to work against spam, viruses, denial-of-service
attacks and other online exploitation.  MAAWG ( is the only
organization addressing messaging abuse holistically by systematically
engaging all aspects of the problem, including technology, industry
collaboration and public policy.  It leverages the depth and experience of its
global membership to tackle abuse on existing networks and new emerging
services.  Headquartered in San Francisco, Calif., MAAWG is an open forum
driven by market needs and supported by major network operators and messaging
    NOTE: This release is available in French at
    Media Contact: Linda Marcus, APR, 714-974-6356,, Astra
    MAAWG Sponsors (Board of Directors): AOL; AT&T; Bell Canada; Charter
Communications (Nasdaq:   CHTR); Cloudmark; Comcast (Nasdaq:   CMCSA); Cox
Communications (NYSE:   COX); EarthLink (Nasdaq:   ELNK); France Telecom (NYSE and
Euronext: FTE); Goodmail Systems; Google Inc.; Microsoft Corp. (Nasdaq:   MSFT);
Openwave Systems (Nasdaq:   OPWV); Time Warner Cable; Verizon Communications;
and Yahoo! Inc.
    MAAWG Full Members: 1&1 Internet AG; AG Interactive; Bizanga LTD;
Internet Initiative Japan, (IIJ Nasdaq:   IIJI); IronPort Systems; McAfee Inc.;
MX Logic; Outblaze LTD; Return Path, Inc.; Sprint; Sun Microsystems, Inc.;
Symantec; Telefonica SA; Telus; and Trend Micro, Inc.
    MAAWG Supporter Members: AcquireWeb, Inc.; Acxiom Digital; Adaptive
Mobile Security LTD; Adknowledge, Inc.; Aladdin Knowledge Systems; Alt-N
Technologies, Ltd.; Bandmail Solutions; BigHip; Bluehornet Networks, Inc.;
BoxSentry PTE Ltd.; CheetahMail, an Experian Co.; Cincinnati Bell; Click
Tactics; ColdSpark, Inc.; Commtouch Software LTD; CommuniGate Systems;
Constant Contact; Critical Path, Inc.; Datran Media; eBay, Inc.; eCircle AG;
ECO; e-Dialog; eleven GmbH; Emma, Inc.; Entidad Publica Empresarial RED.ES;
Epsilon;, Inc.; ExactTarget, Inc.; Facultas/Lyris UK; Fishbowl
Marketing; F-Secure Corp.; GetResponse, an Implix Company; Habeas Inc.;
iContact; Informz; Insender Technologies Inc.; Insight Midwest, L.P.; Ipsos
Interactive Services; Kerio Technologies, Inc.; Lyris Solutions; Mail-Filters;
Mansell Group, Inc.; Merkle/Quris; Message Level, LLC; Message Systems;
Messagelabs; Messaging Architects; Mirapoint Inc.; MTS Allstream Inc.;
Netsuite, Inc.; Nextel Communications; Perftech, Inc.; Pivotal Veracity;
Premiere Global Services; Responsys, Inc.; Rockliffe Systems; Rogers Cable;
RPost; RSA Security Inc.; S.C. Softwin SRL;; Sana Security;
Sandvine Incorp.; Sendmail, Inc.; SMobile Systems; Sophos Plc.; Splio; St.
Bernard Software; StreamShield Networks; StrongMail Systems, Inc.; Synacor,
Inc.; TDC; TDS Telecom; Team Cymru; ThinData; TMN Group; LP;
TRUSTe; Tucows Inc.; UPC Broadband Operations BV; Verisign Inc.;;
Word To The Wise; Yesmail; and ZDirect, Inc.

For further information:

For further information: Linda Marcus, APR, +1-714-974-6356,, Astra Communications for The Messaging Anti-Abuse Working 
Group Web Site:

Organization Profile


More on this organization

Custom Packages

Browse our custom packages or build your own to meet your unique communications needs.

Start today.

CNW Membership

Fill out a CNW membership form or contact us at 1 (877) 269-7890

Learn about CNW services

Request more information about CNW products and services or call us at 1 (877) 269-7890