From Vietnam with tens of millions of harvested emails, spam-ready SMTP servers and DIY spamming tools

How would a cybercriminal differentiate his unique value proposition (UVP) in order to attract new customers wanting to purchase commoditized underground market items like, for instance, harvested and segmented email databases? He’d impress them with comprehensiveness and ‘vertically integrated’ products and services. At least that’s what the cybercriminals behind the cybercrime-friendly market proposition I’m about to profile in this post are doing.

Offering tens of millions of harvested and segmented emails, spam-ready bulletproof SMTP servers and DIY spamming tools, this one-stop-shop for novice spammers is also a great example of an OPSEC-unaware vendor who not only accepts Western Union/MoneyGram payments, but has also included his SWIFT wire transfer bank account details.

More details:

[Screenshots: samples of the inventory of harvested/segmented emails, courtesy of the service]

Beyond the logical abuse of these databases for massive fraudulent/malicious spam campaigns (the service conveniently forwards the responsibility for eventual abuse to the customer), such databases also lay the foundations for a successful ‘localized spam campaign’ or an APT (advanced persistent threat) type of campaign, acting as ‘touch points’ with the potential victims. In addition to the databases, the E-shop offers multiple DIY spamming tools, allowing anyone who purchases them to harvest emails and send spam through custom-configured SMTP servers or through the ones provided by the service.

We expect to continue observing customer-ized attempts to monetize commoditized underground market items, like harvested email databases, where the degree of geolocation and the quality of the ‘leads’ will be proportional to the long-term business potential for the vendor of the service/product.

As always, we’ll continue monitoring the development of this one-stop-shop for spammers, and post updates as soon as new developments emerge.

You can find more about Dancho Danchev at his LinkedIn Profile. You can also follow him on Twitter.