Telstra and security experts have blamed a spam-generating worm for BigPond service problems, which they claim hit other major ISPs. Yet rival ISPs say it's business as usual.
Australia's largest ISP, Telstra, is cleaning up the damage after what is believed to be an orchestrated virus attack that crippled its BigPond service and flooded users with spam emails, causing email delays.
Telstra issued a media statement which stated it 'believed' that spam-generating worm Swen 'was largely responsible for the recent and sudden surge in email traffic last month on its BigPond network'. BigPond's email traffic surged more than 20 percent -- from a regular volume of around 8 million messages a day to 13 million.
Telstra claimed the resulting network slowdown was not unique to Telstra, but was consistent with the experience of other major ISPs.
'Telstra understands that the virus/worm has been taking over customers' computers and using them to send large amounts of junk emails (spam),' it stated. Telstra said it understood US-based Internet security researchers Symantec and Trend Micro supported its claim that the Swen worm had caused the surge.
US security expert Vincent Weafer, senior director of Symantec's security response team, confirmed with iTNews that Telstra and other major ISPs had been attacked by Swen in the past week. Weafer said other mass-mailing worms had also slowed internet traffic globally.
Weafer could not disclose the names of other affected ISPs in Australia due to confidentiality agreements, but confirmed it was a global event.
BigPond's chief Justin Milne has reportedly deemed the virus attack 'terrifying', saying this was the first time a virus attack has been combined with spam.
Milne reportedly said the virus was sent to thousands of computer users and lay dormant for weeks, waiting for its maker to order an attack. The virus then took over each computer and turned it into a mail relay to flood the internet with spam causing a 25 percent spike in traffic overnight.
However, a spokesperson from rival ISP Optus said: 'No, we're not experiencing any worm activity and no unusual internet traffic patterns. It's business as usual for Optus.'
OptusNet, she said, saw Swen weeks ago and were able to put in place blocks and systems to deal with the worm and was were able to monitor the network to block spam.
'The Optus network has been built with a degree of headroom and is able to handle peaks and troughs,' The spokeswoman said.
OzEmail, Primus and Internode also reportedly stated that they had not been affected to nearly the same extent as BigPond.
CEO of web-hosting outfit Hostworks, Marty Gauvin, said: 'We have seen what is consistent with other non-Telstra ISPs. There is no evidence of worm activity that cause these types of issues, which would make it a worm that only affects Telstra, which is rather odd.'
Meanwhile, Telstra BigPond customers continued to be impacted by network delays. Wendy Hill, director of a small media consultancy firm, Bird and Hill PR, said the impact would be hard to quantify in monetary terms, but it had been 'disruptive, inconvenient and created anxiety'.
Hill said the problems began with an increase in spam almost a month ago. 'Over one weekend [my partner] received 300 emails that were spam and I got 150,' she said.
Calls to BigPond reached an automated message service which assured her no emails would be lost. 'But emails were lost,' Hill said.
Eventually one of her employees managed to negotiate compensation from Telstra. 'They asked what we wanted. We asked for 50 percent off the next bill. They were very quick to agree to that,' she said.
Telstra said its technical staff had been working 'around the clock' to establish additional network capacity which should deliver gradual improvements to customers who may be experiencing delays with email.
Telstra urged its customers to take steps to 'improve their email experience', such as: installing anti-virus or anti-spam filters, scanning their systems for the virus as it may have deactivated the antivirus software and manually requesting their systems to retrieve email messages.
Telstra reminded users to be wary of email messages from unknown sources and to delete such messages unopened.
-1.jpg&w=100&c=1&s=0)
.png&w=100&c=1&s=0)
