April 15, 2013 By Dancho Danchev

Cybercriminals offer spam-friendly SMTP servers for rent

In times when modern cybercriminals take advantage of the built-in SMTP engines in their malware platforms, as well as efficient and systematic abuse of Web-based email service providers for mass mailing fraudulent or malicious campaigns, others seem to be interested in the resurrection of an outdated, but still highly effective way to send spam, namely, through spam-friendly SMTP servers.

In this post, I’ll profile a recently posted underground market ad for spam-friendly SMTP servers, offered for sale for $30 on a monthly basis.

More details:

Sample screenshot of the service:

SMTP_Server_Spam_Sale_Underground_Market_2013_01

Second screenshot of the service:

SMTP_Server_Spam_Sale_Underground_Market_2013_02

The starting package includes 20GB disk space, one SMTP server, and the capacity to send out 700k spam emails, followed by the optimal package which includes 3 SMTP servers, 10GB disk space, and the capacity to send out 2 million emails on a monthly basis. Last but not least is the Hurricane package with unlimited disc space, 10 SMTP servers, and the ability to send out 7 million emails on a monthly basis.

The domain promoting the service is hosted within Veraton Projects LTD’s network, a questionable hosting provider offering managed access to “offshore” servers, VPS, and domain name registration services.

Sample

SMTP_Server_Spam_Sale_Underground_Market_2013_03

Sample:

SMTP_Server_Spam_Sale_Underground_Market_2013_04

Sample:

SMTP_Server_Spam_Sale_Underground_Market_2013_05

Sample:

SMTP_Server_Spam_Sale_Underground_Market_2013_06

Sample:

SMTP_Server_Spam_Sale_Underground_Market_2013_07

Although these services have the potential to offer an efficient and most importantly bullet proof network infrastructure for cybercriminals to take advantage of, we doubt that this particular vendor has the expertise and the know how to remain online long enough to continue offering the spam-friendly SMTP servers for rent.

We’ll continue monitoring this service, and post updates as soon as new developments emerge.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on  Twitter.

Share Button
true