Spam Botnets – Darknet Diaries
Tags
| country: | Canada Mexico Russia |
| attack-pattern: | Data Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Malware - T1587.001 Malware - T1588.001 |
Common Information
| Type | Value |
|---|---|
| UUID | b7c3a1c4-c9c0-49ae-9ff0-be20a64d81dd |
| Fingerprint | 71081b7d8bf0fdfd |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Feb. 8, 2022, midnight |
| Added to db | Sept. 26, 2022, 9:33 a.m. |
| Last updated | Nov. 17, 2024, 5:57 p.m. |
| Headline | EP 110: Spam Botnets |
| Title | Spam Botnets – Darknet Diaries |
| Detected Hints/Tags/Attributes | 51/2/146 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://darknetdiaries.com/episode/110/ |
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 3 | juniper.net |
|
| Details | Domain | 6 | cybereason.com |
|
| Details | Domain | 132 | www.sophos.com |
|
| Details | Domain | 5 | cseweb.ucsd.edu |
|
| Details | Domain | 16 | www.pandasecurity.com |
|
| Details | Domain | 10 | www.cyber.nj.gov |
|
| Details | Domain | 202 | krebsonsecurity.com |
|
| Details | Domain | 15 | www.wired.co.uk |
|
| Details | Domain | 8 | www.trendmicro.co.uk |
|
| Details | Domain | 1 | www.nominet.uk |
|
| Details | Domain | 1 | www.m86security.com |
|
| Details | Domain | 57 | www.theregister.com |
|
| Details | Domain | 622 | en.wikipedia.org |
|
| Details | Domain | 184 | www.fireeye.com |
|
| Details | Domain | 39 | www.wsj.com |
|
| Details | Domain | 1 | shop.sourcebooks.com |
|
| Details | Domain | 9 | phys.org |
|
| Details | Domain | 19 | www.politico.com |
|
| Details | Domain | 403 | securelist.com |
|
| Details | Domain | 177 | www.wired.com |
|
| Details | Domain | 1 | www.wuwm.com |
|
| Details | Domain | 44 | www.bloomberg.com |
|
| Details | Domain | 1 | www0.cs.ucl.ac.uk |
|
| Details | Domain | 98 | www.secureworks.com |
|
| Details | Domain | 604 | www.trendmicro.com |
|
| Details | Domain | 41 | www.bbc.co.uk |
|
| Details | Domain | 138 | www.darkreading.com |
|
| Details | Domain | 15 | news.bbc.co.uk |
|
| Details | Domain | 110 | doi.org |
|
| Details | Domain | 145 | threatpost.com |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | Domain | 41 | blogs.microsoft.com |
|
| Details | Domain | 124 | www.nytimes.com |
|
| Details | Domain | 2 | www.forbes.ru |
|
| Details | Domain | 3 | www.cnews.ru |
|
| Details | Domain | 2 | safe.cnews.ru |
|
| Details | Domain | 216 | www.symantec.com |
|
| Details | Domain | 66 | www.washingtonpost.com |
|
| Details | Domain | 1 | nabp.pharmacy |
|
| Details | Domain | 1 | www.safemedicines.org |
|
| Details | Domain | 1 | playlist.megaphone.fm |
|
| Details | File | 1 | samosseikovb2009paper.pdf |
|
| Details | File | 17 | en.pdf |
|
| Details | File | 1 | usenixsec12.pdf |
|
| Details | File | 1 | botnet-chronicles-whitepaper-en.pdf |
|
| Details | File | 1 | spam-nation-meet-the-russian-cybercrooks-behind-the-digital-threats-in-your-inbox.html |
|
| Details | File | 1 | spam-to-russian-botnet-criminals.html |
|
| Details | File | 1 | m86_labs_report_jan2010.pdf |
|
| Details | File | 1 | silent-rustock.html |
|
| Details | File | 1 | spam-nation.html |
|
| Details | File | 1 | 2012-08-usenix.html |
|
| Details | File | 1 | www0.cs |
|
| Details | File | 1 | saito_botnet.pdf |
|
| Details | File | 2 | oakland11.pdf |
|
| Details | File | 252 | www.cs |
|
| Details | File | 1 | 4-reasons-it-s-getting-harder-to-find-and-fight-them.html |
|
| Details | File | 1 | killing-the-beast.html |
|
| Details | File | 1 | killing-the-beast-part-5.html |
|
| Details | File | 1 | 6298641.stm |
|
| Details | File | 1 | microsoft-takes-down-277-waledac-botnet-domains.htm |
|
| Details | File | 1 | harvesters-asiaccs2014.pdf |
|
| Details | File | 1 | infiltrating-pushdo-part-2-2.html |
|
| Details | File | 1 | chasing-cncs-part1.html |
|
| Details | File | 1 | rustocks-new-home.html |
|
| Details | File | 1 | mccolo-up-again.html |
|
| Details | File | 1 | 27spam.html |
|
| Details | File | 1 | ar2008111200658.html |
|
| Details | File | 1 | rogue-rx-activity-report-may-2020.pdf |
|
| Details | File | 72 | www.safe |
|
| Details | File | 1 | nabp-fake-pharmacies-and-covid-19.html |
|
| Details | Url | 3 | https://www.sophos.com/en-us/medialibrary/pdfs/technical |
|
| Details | Url | 1 | https://cseweb.ucsd.edu/~apitsill/papers/usenixsec12.pdf |
|
| Details | Url | 1 | https://www.pandasecurity.com/mediacenter/security/what-is-a-botnet |
|
| Details | Url | 1 | https://www.cyber.nj.gov/threat-center/threat-profiles/botnet-variants/cutwail |
|
| Details | Url | 1 | https://krebsonsecurity.com/tag/0bulk-psyche-evolution |
|
| Details | Url | 1 | https://www.researchgate.net/publication/284219242_master_of_puppets_analyzing_and_attacking_a_botnet_for_fun_and_profit |
|
| Details | Url | 1 | https://www.wired.co.uk/article/infoporn-rise-and-fall-of-uks-biggest-spammer |
|
| Details | Url | 1 | https://www.trendmicro.co.uk/media/wp/botnet-chronicles-whitepaper-en.pdf |
|
| Details | Url | 1 | https://www.nominet.uk/the-cutwail-spam-delivery-service |
|
| Details | Url | 1 | https://krebsonsecurity.com/2012/01/pharma-wars-google-the-cutwail-botmaster |
|
| Details | Url | 1 | https://www.researchgate.net/publication/228415809_the_underground_economy_of_spam_a_botmaster |
|
| Details | Url | 1 | https://slate.com/technology/2014/11/spam-nation-meet-the-russian-cybercrooks-behind-the-digital-threats-in-your-inbox.html |
|
| Details | Url | 1 | https://www.networkworld.com/article/2260053/experts-link-flood-of–canadian-pharmacy–spam-to-russian-botnet-criminals.html |
|
| Details | Url | 1 | https://www.m86security.com/newsimages/trace/m86_labs_report_jan2010.pdf |
|
| Details | Url | 1 | https://www.ftc.gov/news-events/press-releases/2009/06/ftc-shuts-down-notorious-rogue-internet-service-provider-3fn |
|
| Details | Url | 1 | https://www.theregister.com/2011/03/23/rustock_takedown_analysis |
|
| Details | Url | 1 | https://en.wikipedia.org/wiki/rustock_botnet |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2010/10/silent-rustock.html |
|
| Details | Url | 1 | https://www.wsj.com/articles/bl-dgb-22173 |
|
| Details | Url | 1 | https://arstechnica.com/information-technology/2011/03/how-operation-b107-decapitated-the-rustock-botnet |
|
| Details | Url | 1 | https://shop.sourcebooks.com/spam-nation.html |
|
| Details | Url | 1 | https://phys.org/news/2012-08-usenix.html |
|
| Details | Url | 1 | https://www.politico.com/magazine/story/2014/12/pharma-spam-113562 |
|
| Details | Url | 1 | https://securelist.com/the-botnet-business/36209 |
|
| Details | Url | 1 | https://www.wired.com/2006/08/spamking |
|
| Details | Url | 1 | https://www.wuwm.com/post/how-feud-between-two-russian-companies-fueled-spam-nation |
|
| Details | Url | 1 | https://www.bloomberg.com/quicktake/drug-prices |
|
| Details | Url | 1 | https://www.theatlantic.com/entertainment/archive/2018/03/20-years-of-viagra/556343/#: |
|
| Details | Url | 1 | http://www0.cs.ucl.ac.uk/staff/g.stringhini/papers/saito_botnet.pdf |
|
| Details | Url | 1 | https://www.secureworks.com/research/pushdo |
|
| Details | Url | 1 | https://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/cutwail |
|
| Details | Url | 1 | https://www.techrepublic.com/blog/it-security/pushdo-cutwail-botnet-second-to-none-when-it-comes-to-spamming |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/which-botnet-is-worst-report-offers-new-perspective-on-spam-growth/d/d-id/1132055? |
|
| Details | Url | 1 | https://krebsonsecurity.com/2012/02/whos-behind-the-worlds-largest-spam-botnet/#more |
|
| Details | Url | 2 | http://cseweb.ucsd.edu/~savage/papers/oakland11.pdf |
|
| Details | Url | 1 | https://www.techrepublic.com/article/spam-nation-cybercrime-and-spam-are-far-bigger-security-threats-than-you-think |
|
| Details | Url | 1 | https://securelist.com/spam-report-june-2011/36375 |
|
| Details | Url | 1 | https://www.csoonline.com/article/2123967/botnets–4-reasons-it-s-getting-harder-to-find-and-fight-them.html |
|
| Details | Url | 1 | http://www.bbc.co.uk/news/mobile/technology-15776973 |
|
| Details | Url | 1 | https://www.darkreading.com/risk/inside-one-of-the-worlds-biggest-botnets/d/d-id/1135416 |
|
| Details | Url | 1 | https://www.darkreading.com/attacks-breaches/major-disruption-of-pushdo-botnet-wasnt-the-original-goal/d/d-id/1134253 |
|
| Details | Url | 1 | https://www.researchgate.net/publication/224110468_malware_authors_don |
|
| Details | Url | 1 | https://www.secureworks.com/research/waledac-kelihos-botnet-takeover |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2009/06/killing-the-beast.html |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2012/07/killing-the-beast-part-5.html |
|
| Details | Url | 1 | https://www.wired.com/story/what-is-sinkholing |
|
| Details | Url | 1 | http://news.bbc.co.uk/1/hi/business/6298641.stm |
|
| Details | Url | 1 | https://doi.org/10.2147/dhps.s46232 |
|
| Details | Url | 1 | https://threatpost.com/waledac-botnet-now-completely-crippled-experts-say-031610/73694 |
|
| Details | Url | 1 | https://docs.microsoft.com/en-us/archive/blogs/microsoft_on_the_issues/cracking-down-on-botnets |
|
| Details | Url | 1 | https://blogs.microsoft.com/blog/2010/09/08/r-i-p-waledac-undoing-the-damage-of-a-botnet |
|
| Details | Url | 1 | https://blogs.microsoft.com/on-the-issues/2011/03/17/taking-down-botnets-microsoft-and-the-rustock-botnet |
|
| Details | Url | 1 | https://www.crn.com/news/security/223100744/microsoft-takes-down-277-waledac-botnet-domains.htm?itc=refresh |
|
| Details | Url | 1 | https://www.wsj.com/articles/sb10001424052748704240004575086523786147014 |
|
| Details | Url | 1 | https://www.ucl.ac.uk/jill-dando-institute/sites/jill-dando-institute/files/harvesters-asiaccs2014.pdf |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2010/08/infiltrating-pushdo-part-2-2.html |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2010/08/chasing-cncs-part1.html |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2008/11/rustocks-new-home.html |
|
| Details | Url | 1 | https://www.fireeye.com/blog/threat-research/2008/11/mccolo-up-again.html |
|
| Details | Url | 1 | https://www.theregister.com/2011/06/27/chronopay_arrests |
|
| Details | Url | 1 | https://krebsonsecurity.com/2013/08/pavel-vrublevsky-sentenced-to-2-5-years |
|
| Details | Url | 1 | https://www.theregister.com/2014/06/04/hacker_hired_to_build_russias_national_payment_system_report |
|
| Details | Url | 1 | https://www.nytimes.com/2010/10/27/business/27spam.html |
|
| Details | Url | 1 | https://www.forbes.ru/sp_data/2014/sex_drugs_and_rockn_roll/#gl_1 |
|
| Details | Url | 1 | https://www.cnews.ru/news/top/spamer_1_schitaetchto_ego_travit |
|
| Details | Url | 1 | https://safe.cnews.ru/news/top/russkaya_spamset_glavmed_zarabotala |
|
| Details | Url | 1 | https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/warning-letters/rx-partners-09192017 |
|
| Details | Url | 1 | https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/warning-letters/glavmed-09192017 |
|
| Details | Url | 1 | https://www.fda.gov/inspections-compliance-enforcement-and-criminal-investigations/warning-letters/rx-partners-06082015 |
|
| Details | Url | 1 | http://www.symantec.com/connect/blogs/recent-drop-global-spam-volumes-what-happened |
|
| Details | Url | 1 | https://www.washingtonpost.com/wp-dyn/content/article/2008/11/12/ar2008111200658.html |
|
| Details | Url | 1 | https://www.wired.com/2017/04/fbi-took-russias-spam-king-massive-botnet |
|
| Details | Url | 1 | https://www.justice.gov/opa/pr/russian-national-who-operated-kelihos-botnet-pleads-guilty-fraud-conspiracy-computer-crime |
|
| Details | Url | 1 | https://nabp.pharmacy/wp-content/uploads/2020/05/rogue-rx-activity-report-may-2020.pdf |
|
| Details | Url | 1 | https://www.safemedicines.org/2020/06/nabp-fake-pharmacies-and-covid-19.html |
|
| Details | Url | 1 | https://playlist.megaphone.fm?e=adv1493915926 |