March 16, 2012 By Dancho Danchev

Millions of harvested U.S government and U.S military email addresses offered for sale

Remember the underground service offering millions of harvested emails for sale profiled at the Webroot Threat Blog in January?

It appears  that cybercriminals are continuing to innovate in this underground market segment by offering geolocated databases of millions of harvested emails for better targeting in their upcoming spam campaigns.

In this post, I’ll profile yet another cybercrime underground  service selling millions of harvested emails to potential cybercriminals.

What’s particularly interesting about this service compared to the previous one profiled at the Webroot Threat Blog is that it offers segmented databases of harvested emails based on a particular country, or multiple gTLDs for better campaign targeting in upcoming spam campaigns, and targeted attacks.

Screenshots of the inventory of harvested emails currently offered for sale:

Next to mass marketing campaigns, the segmented databases could be used for launching targeted attacks against a particular country, which in combination with localization — translating the spam message into the native language of the prospective recipient — and event-based social engineering attacks, could increase the probability of successful interaction with the malicious emails.

In respect to targeted malware attacks, the service is currently offering 2.462.935 U.S government email addresses, and another 2.178.000 U.S military email addresses.

Cybercriminals often collect these through active data mining of malware-infected hosts, or through direct web crawling using commercial and private email harvesting tools.

U.S government and U.S military users whose emails have been exposed are advised to be extra vigilant for potential targeted malware attacks enticing them into downloading and executing a malicious attachment, or attempting to trick them into clicking on a client-side exploits serving link found in the emails.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button

Trackbacks

  1. […] overheid en 2,2 miljoen adressen van Amerikaanse militairen. Het aanbod werd vorige week ontdekt door onderzoeker Danko Danchev van Webroot. Volgens hem zijn zulke databases goed bruikbaar in […]

  2. […] An entry on the Webroot blog site said this may be the latest innovation to allow cybercriminals better targeting in their upcoming spam campaigns. “What’s particularly interesting about this service … is that it offers segmented databases of harvested emails based on a particular country, or multiple gTLDs for better campaign targeting in upcoming spam campaigns, and targeted attacks,” it said. […]

  3. […] that continue selling millions of already harvested email addresses, next to another service, selling exclusive access to U.S Government and U.S Military email addresses, for potential use in targeted, segmented attacks, also known as advanced persistent […]

  4. […] a spammer, starting for a managed spam appliance, DIY email harvesters, and millions of harvested emails, are available for sale within the cybercrime ecosystem. Despite the numerous botnet take downs […]

  5. […] to commodity underground goods and services such as managed spam, harvested email databases, boutique cybercrime-friendly services, services offering access to hacked PCs, managed malware […]

  6. […] to collect valid accounting data from legitimate customers. Thanks to the overall availability of harvested email databases, managed spam services, and phishing site templates for the most popular brands in the financial […]

  7. […] and SSH accounting data, as well as DIY Spam Mailers and “marketing leads”, namely, harvested databases of email addresses, with the prices varying between $8-$15. Thanks to the overall availability of DIY crimeware and […]

  8. […] Millions of harvested U.S government and U.S military email addresses offered for sale – 2012 marked the peak of cyber espionage campaigns launched by multiple characters across the Web. Meanwhile, on a periodic basis, US government released reports blamed China as being the single most persistent cyber espionage player in the world. In fact, a huge percentage of APT campaigns started using spear phishing emails. So it’s not a suprprise that during 2012 we stumbled upon a service offering access to millions of harvested US government and US military emails, which is just the tip of the iceberg. […]

  9. […] on how the spam ecosystem really works – Millions of harvested emails offered for sale; Millions of harvested U.S government and U.S military email addresses offered for sale; New DIY email harvester released in the wild; A peek inside a managed spam service; Mobile […]

  10. […] wants, and demands of potential customers. Utilizing basic marketing concepts such as localization, market segmentation, as well as personalization, today’s sophisticated cybercriminals would never choose to […]

true