Someone pointed
this out earlier; It's probably been on slashdot or something, but I don't read slashdot

Seems it would be somewhat easy to track these problems down with a sealed box or better yet a virtual machine. Plus, if they talk to anything offsite, snooping the network will show what it is, and we can all just blackhole route it and get on with life.