Tag: spammer

Russian “spammer” and Trump suspect finds pain in Spain

Inspector Knacker of the Barcelona yard has fingered the collar of a Russian programmer following US allegations of large-scale hacking.

Pyotr Levashov was held in Barcelona and has been remanded in custody.

Spanish coppers claim Levashov controlled a botnet called Kelihos, hacking information and installing malicious software in hundreds of thousands of computers.

The arrest was part of a “complex inquiry carried out in collaboration with the FBI”, police said.

Levashov is subject to a US international arrest warrant and a Spanish court will hear whether he can be extradited.

Much of his activity involved ransomware – blocking a computer’s access to certain information and demanding a ransom for its release.

Levashov’s wife Maria told Russian broadcaster RT that the arrest had been made in connection with allegations that Russians had hacked the US presidential election.

She claimed that Spanish coppers had told her that it was all about a “a virus which appears to have been created by my husband and is linked to [Donald] Trump’s victory”.

Agence France-Presse  quoted a source close to the matter in Washington as saying that Levashov’s detention was “not tied to anything involving allegations of Russian interference with the US election”.

Several cybersecurity experts, including Brian Krebs, have also linked Levashov to a Russian spam kingpin, who uses the alias Peter Severa.

South Korea probes Hyundai hack

South Korea’s financial watchdog launched an investigation into the hacking of Hyundai Capital, the consumer finance unit of Hyundai Motor Group.

According to Reuters, the Financial Supervisory Service is concerned about how personal data on 420,000 of Hyundai Capital’s 1.8 million customers ended up in the paws of hackers.

Over the weekend Hyundai admitted that its database was leaked when an unidentified hacker attacked its database.

The personal information nicked was the name, email, and mobile phone information but apparently there was no financial transaction information directly taken.

Vice President Hwang Yoo-no said there was “a possibility that some secret information was hacked, including customer passwords and credit ratings.” In short passwords were leaked for around 13 thousand customers and the hackers had pretty much access to everything if they used them.

The company said in a statement on Sunday it was conducting its own investigation into the incident. But the hack has sent the financial markets into a spin.

After all if you can’t trust a bank to be secure, who can you trust? What is alarming is that the finance outfit’s security system failed completely, which is why the Financial Supervisory Service is concerned.

The cracker’s removal of customer data began in February of this year. However, Hyundai Capital remained oblivious. Apparently it only discovered the security breach after it was contacted by a hacker last week. In other words, the security system was dependant on a hacker telling them that he had just hacked them.

Hyundai Capital gives cash for car financing, personal loans and home mortgages. It is owned by Hyundai and GE Capital. 

Microsoft shuts down spammer

One of the world’s top spammers has just lost a fight with software giant Microsoft .

According to a Volish lawsuit, Microsoft paramilitaries, er security staff,  backed by Inspector Knacker of the Software Yard carried out several coordinated raids against the Rustock botnet.

Rustock is a botnet that infected millions of computers, with fake drugs spam. Writing in his bog, legal Vole Richard Boscovich said that the network would serve up a billion spam emails a day.

Seven hosting facilities were raided across the US which seized the command-and-control machines that ran the network.

Rustock was responsible for 39 percent of the world’s spam last year so we should see a lot less of the stuff hitting our in-box.

Boscovich said that Rustock’s infrastructure was much more complicated than other botnets.

It relied on hard-coded Internet Protocol addresses rather than domain names and peer-to peer command and control servers to control the botnet.

Vole was worried that the bot could be quickly shifted to a new infrastructure, so it got a court order allowing it to work with the U.S. Marshall Service to physically capture evidence onsite and, in some cases, take the affected servers from hosting providers for analysis.

Specifically, servers were seized from five hosting providers in Kansas City, Scranton, Denver, Dallas, Chicago, Seattle, and Columbus. Afterwards, with help from the upstream providers, Vole severed the IP addresses that controlled the botnet, cutting off communication and disabling it.

What was unusual about this particular raid was it was done by Vole acting alone and without any help from the cybersecurity community.

Spam monitors thought something was odd when the botnet’s activity halted.

Spam levels rise again

Last year’s dramatic fall in the levels of emails advertising Viagra products and herbal medicines has levelled out and is showing the first signs of making a comeback.

Insecurity outfit Symantec said that pharmaceutical promotions usually account for around 64 percent of all email spam globally which is about 60 billion messages a day. However this fell to 0.1 percent over the Christmas period, accounting for only 70 million emails.

The volume of total email spam dropped to its lowest point in two years last month, from 200 billion a day in August to around 30 billion daily at the end of December.

Now Symantec is warning that figure rebounded sharply to 70 billion emails as botnets start to crank up again.

The botnet known as Rustock, which was switched off on Christmas day, and pharmaceutical spam fell. Butovernight Rustock activity soared, prompting security experts to predict that spam levels in the next 24 hours could increase exponentially. Rustock accounted for 30 percent and is rising all the time.

According to the Guardian  Rustock is connected to the recently closed site Spamit.com, which was credited with dishing up a large amount of global spam last year.

If you get Viagra advertising in your email there is a very good chance that it is Rustock that sent it to you. Apparently they could measure the success of their campaigns via Spamit and then get paid on the basis of its performance.

It is still a mystery why the spammers took Christmas off. Perhaps they needed a break, or maybe they were just feeling all Christmasy and did not want to bother anyone that day.

US bloke makes a living suing spammers

Apparently you can quit your job and make a living suing spammers

According to the Seattle Pi, Daniel Balsam chucked his job as a marketing executive to turn Van Helsing on the vampire spammers.

His career started eight years ago when he got one too many e-mail pitches to enlarge his breasts.

He set up a website called Danhatesspam.com, went to law school and is making a decent living suing companies who flood his e-mail inbox with offers of cheap drugs, free sex and unbelievable vacations.

Balsam, who is based in San Francisco, has filed many lawsuits, including dozens before he graduated law school in 2008, against e-mail marketers.

Apparently Balsam settles enough lawsuits and collects enough from judgements to make a living. In fact he has made $1 million out of companies accused of sending illegal spam.

The spammers claim that he is one of many who make dosh from exploiting anti-spam laws. They moan that he files lawsuits against out-of-state companies that would rather pay a small settlement than expend the resources to fight the legal claims.

Bennet Kelley, a defense lawyer, has been identified as Balsam’s arch nemesis. He even created a website critical of Balsam’s tactics and has sued Balsam twice for allegedly violating confidentiality terms in settlement agreements.

Balsam uses the small claims court and the spammers will often pay up to avoid the hassle.

Balsam said he has more than 40 small claims victories and several more in higher courts, mostly alleging the receipt of misleading advertising.

He has been sued himself. Tagged.com sued him for threatening to violate terms of an earlier settlement by telling the company he was planning to post terms of the agreement on his website.

Valueclick also complained that he breached settlement agreements by exposing confidential terms.

Spammers use sweatshop labour

Spammers are using sweatshop labour to bypass CAPTCHA security.

For a while now CAPTCHA boxes have prevented spammers from hitting websites by having to prove they are human by requiring them to figure out what is written in a graphic.

While this is tricky for a machine to do it is very easy for a human, what ever language they happen to speak.

So the spammers have outsourced CAPTCHA solving to teams of low-wage workers in places like Russia and Southeast Asia. According to Stefan Savage, who is a a professor in the department of computer science and engineering at the University of California San Diego the beauty of most modern CAPTCHAs is that they simply take Latin characters — so they don’t actually need to understand what the words mean — they simply need to be able to look at the symbols and type the appropriate ones on their keyboard.

Savage penned a paper on the economics of this underground CAPTCHA trade.

He said that CAPTCHA-solving teams are sweatshop labour, where people will just sit and be given these images to solve and will type them in all day.

They can turn around a CAPTCHA in between 10 and 20 seconds and they get 75 cents per 1,000 CAPTCHAs solved. Most hope to get about $2 or $3 a day.

This is about same as the lowest paid textile work so the quality of life is slightly better than being in a textile mill.

There’s nothing illegal about solving a CAPTCHA, even if what the solvers are doing supports fraudulent activity, so the coppers are not going to close the operations down.

He said that with operations like this, it is pointless to use CAPTCHAs as they don’t ultimately prevent abuse, although they might prevent things getting much worse.