Two major spam events in 2012

by Stephane

Spam in the pharmaceutical industry and the Nitol botnet

The year 2012 ended with two significant events. On the one hand, Microsoft’s Digital Crimes Unit has succeeded in slowing or even halting the progress of a botnet called Nitol. The relationship between spam and the pharmaceutical industry was also discussed at the 21st Ipes safety symposium.

 

 

The fight against the Nitol botnet

A botnet is a collection of computers infected and controlled remotely by a hacker. Most of the time, it’s used to distribute malware or send spam. The power of the botnet depends essentially on the size of the network. To counter spam, we need to think about decapitating botnets.

 

Thanks to a vast technical and legal operation, Microsoft has succeeded in blocking the expansion of an emerging botnet called Nitol. Following the ruling issued by the Court of Virginia, he was able to seize the 3322.org domain where the botnet was hosted, and stop 70,000 sub-domains that could have endangered the security of users of new machines.

 

According to the experts who discovered this botnet, the computers were infected as soon as they were purchased, and affiliated to the botnet from the outset without the buyers being aware of it. This situation puts users at risk, as the sponsor in control of the botnet uses its network to communicate on social networks, run a spam campaign and swindle victims’ contacts. It’s also possible that this hacker can activate the webcam and microphone of zombie PCs, or record the keystrokes made by users on their keyboards in order to retrieve their sensitive data.

 

 

Spam and the drug market

Spam has always been used by hackers to commit a wide range of crimes: theft of bank details or identity, fraud and financial scams. It is also used by the ill-intentioned to conduct what is known as “marketing abuse”. Counterfeiters use spam to promote their products. This is the case in the pharmaceutical industry.

 

Every year, spam generates several hundred million euros for the pharmaceutical industry. The sale of drugs over the Internet, the parallel market and so-called affiliate programs are at the root of the profitability of this illicit sale. The trade in certain products, such as Viagra, is particularly flourishing in the parallel economy.

 

Other vectors, such as the sale of unauthorized drugs on the Internet and “black hats”, were also mentioned by American scientists at the 21st Security Symposium. These latest practices consist in optimizing the referencing of sites specializing in the sale of counterfeit pharmaceutical products. They also discuss the roles played by American customers, sponsors, payment systems, affiliate programs and prospecting linked to the use of spam and botnets.

 

According to the findings of the American scientists, the weak points of the black market in counterfeit drugs lie in its monetization and the costs associated with affiliate programs.

Test Altospam’s solutions!

Thousands of companies, CTOs, CIOs, CISOs and IT managers already trust us to protect their e-mail against phishing, spear phishing, ransomware, …