June 22, 2012

Consumer demand for cheap prescription drugs sold through spam-advertised Web sites shows no sign of abating, according to a new analysis of bookkeeping records maintained by three of the world’s largest rogue pharmacy operations.

Researchers at the University of California, San Diego, the International Computer Science Institute and George Mason University examined caches of data tracking the day-to-day finances of GlavMed, SpamIt, and Rx-Promotion, shadowy affiliate programs that over a four-year period processed more than $170 million worth of orders from customers seeking cheaper, more accessible and more discretely available drugs. The result is perhaps the most detailed analysis yet of the business case for the malicious software and spam epidemics that persist to this day.

Their conclusion? Spam — and all of its attendant ills — will remain a prevalent and pestilent problem because consumer demand for the products most frequently advertised through junk email remains constant.

“The market for spam-advertised drugs is not even close to being saturated,” said Stefan Savage, a lead researcher in the study, due to be presented early next month at the 21st USENIX security conference in Bellevue, Wash. “The number of new customers these programs got each day explains why people spam: Because sending spam to everyone on the planet gets you new customers on an ongoing basis, so it’s not going away.”

The researchers found that repeat customers are critical to making any rogue pharmacy business profitable. Repeat orders constituted 27% and 38% of average program revenue for GlavMed and SpamIt, respectively; for Rx-Promotion, revenue from repeat orders was between 9% and 23% of overall revenue.

“This says a number of things, and one is that a lot of people who bought from these programs were satisfied,” Savage said. “Maybe the drugs they bought had a great placebo effect, but my guess is these are satisfied customers and they came back because of that.”

Whether the placebo effect is something that often applies with the consumption of erectile dysfunction drugs is not covered in this research paper, but ED drugs were by far the largest category of pills ordered by customers of all three pharmacy programs.

One interesting pattern that trickled out of the Rx-Promotion data underscores what made this pharmacy affiliate unique and popular among repeat buyers: A major portion of its revenues was generated through the sale of drugs that have a high potential for abuse and are thus tightly controlled in the United States, including opiates and painkillers like Oxycodone, Hydrocodone, and mental health pills such as Adderall and Ritalin. The researchers noticed that although pills in this class of drugs — known as Schedule II in U.S. drug control parlance — comprised just 14 percent of orders for Rx-Promotion, they accounted for nearly a third of program revenue, with the Schedule II opiates accounting for a quarter of revenue.

“The fact that such drugs are over-represented in repeat orders as well (roughly 50 percent more prevalent in both Rx-Promotion and, for drugs like Soma and Tramadol, in SpamIt) reinforces the hypothesis that abuse may be a substantial driver for this component of demand,” the researchers wrote.


The study also seeks to explain the revenue model behind these pharmacy affiliate partnerships — often referred to in Russian as “partnerkas.” In a typical partnerka, the program sponsors handle everything from purchasing pill site domains and arranging hosting, to procuring the pills, credit card processing, managing shipment and customer support. The sole role of the affiliates or spammers is to undertake the somewhat riskier job of figuring out ways to drive tons of traffic to the pill sites.

And for this, the affiliates are rewarded handsomely. The researchers observed that affiliate commissions ate up between 30 to 40 percent of revenue for all three programs. Interestingly, the researchers found that while each program employed hundreds of affiliates, most of the affiliates earned next to nothing. Rather, just ten percent of the highest-earning affiliates accounted for 75-90% of total program revenue across the three affiliate programs.

“This is the brilliance of the affiliate program model, because you let every schmuck come in and try to do their thing, and you don’t care whether they succeed because you pay them only on a commission basis,” Savage said. “So all affiliate programs want to get the good affiliates, but the problem is they may not know who’s good ahead of time, so you let lots of people in, but most of the affiliates are just wasting their time.”

As it happens, nearly all of the top earners for SpamIt and Rx-Promotion have already been profiled in previous stories on this blog: They are the affiliates thought to be responsible for running the world’s largest spam botnets, including Cutwail, Rustock, Waledac, Mega-D, Srizbi, and Grum. I hope to have an analysis of the Xarvester botnet author ready soon.

So how much did the affiliate program sponsors themselves make? After paying affiliates (30-40%), suppliers (~7% of gross revenue), for shipping (a loss leader, it turns out, at between 11% and 12%), credit card processing (10%) and a host of other direct and indirect costs, the sponsors made a net profit of about 20% of gross revenue.

“Clearly these affiliate programs are profitable, but they are operating a business enterprise,” the researchers wrote. “Their profit is still only a fraction of the overall revenue.”

As detailed in my Pharma Wars series, the volume of spam worldwide has fallen dramatically since late 2010, when an escalating turf war between the Russian businessmen behind Rx-Promotion and sister programs SpamIt and GlavMed forced these businesses to close up shop. Alert readers will notice that my name also is listed as a co-author to this research paper, although in truth my principal contribution to the project was the donation of the Rx-Promotion, GlavMed and SpamIt databases that had fallen into my lap as a result of the aforementioned turf war. I am currently spending quite a bit of my time working on a book about the epic rise and fall of these rogue pharmacy affiliate operations.

While the overall volume of email that is spam recently fell to historic lows, that ratio been steadily creeping back up since April, according to Symantec. It will be interesting to see if this trend continues as other affiliate programs compete to meet customer demand and lay claim to the market shares once held by the likes of GlavMed, Rx-Promotion and SpamIt.

A copy of the Pharmaleaks paper is available here (PDF).

39 thoughts on “PharmaLeaks: Rogue Pharmacy Economics 101

  1. Neej

    Another interesting article Brian.

    Interestingly the seemingly low numbers of successful affiliate marketers isn’t unique to this area of internet marketing – it seems to be pretty consistent across the spectrum including completely legitimate affiliate models and also businesses in general.

    I think basically people just give up and/or miss out by virtue of luck: they didnt approach the endeavour properly from the start or have an idea that solved a problem people had.

    I would like people’s opinions: I make a living PPC marketing – in essence I pay for ad clicks that direct people to a product or service that I get paid a commission for when a click converts (the user does what my wants them to do after my ad delivers them to the landing page).

    Anyhow, basically using this model I don’t care what I promote – if I get paid more than I pay output for delivering the traffic that is all that counts.

    Recently I actually applied and got accepted to Rx-Promotion. I have to admit that I only just made the connection to what this company allows despite being a long time reader of your blog.

    So basically: given that I’ll only be using legal marketing methods and operating wothin my own countries legal boundaries

    1. Neej

      is this ethical? (sorry for split post spelling errors, im on my phone and accidently pressed the submit button)

  2. bruce

    Who was it who said “grub first, then ethics?”

    Sometimes in legal opinions, a court attacks an individual for having violated ‘if not the letter of the law, then at least the spirit of the law has been violated.”

    Frequently where an individual has been careful to comply with ‘the letter of the law,’ where they are unpopular, ethics violations are then used as a vehicle to ‘get them.’ This is especially an issue that is very much alive in the area of the professional discipline of lawyers. … and especially of ‘radical lawyers.’

    Enough then with ‘ethics,’ which can be seriously abused in the absence of otherwise lawful violations.

  3. Deborah S

    @Neej “is this ethical?”

    You’re treading on dangerous ground, my friend. But don’t let the danger stop you from pursuing a useful enterprise.

    If I were you, I’d be carefully vetting the businesses I’d be marketing for, to be sure they are legitimately in the business of providing legal pharmaceuticals. If the businesses are legit and the drugs are legally provided, have at it.

    And also, if I were you, I’d use whatever I found in the vetting process to sell my prospective customers on the complete legality of what I had to offer them. There are people who would rather legally buy their drugs online rather than going to their pharmacy in person, purely for convenience, and those are the people I’d be trying to reach.

    (Sorry Brian, I know your blog post is about spam and botnets and the illegal pharma trade, but it doesn’t hurt to recognize that these are the shadow side of an otherwise legal business, supplying customers who need what a supplier has to offer. Don’t want to throw out the baby with the bath water, now do we?)

    1. JCitizen

      I think Neej is pulling your leg; if in fact that is Neej commenting here.

  4. Steve

    How do the researchers get access to the caches of data?

    1. BrianKrebs Post author


      I explain that in the penultimate paragraph of the story.

      “As detailed in my Pharma Wars series, the volume of spam worldwide has fallen dramatically since late 2010, when an escalating turf war between the Russian businessmen behind Rx-Promotion and sister programs SpamIt and GlavMed forced these businesses to close up shop. Alert readers will notice that my name also is listed as a co-author to this research paper, although in truth my principal contribution to the project was the donation of the Rx-Promotion, GlavMed and SpamIt databases that had fallen into my lap as a result of the aforementioned turf war. I am currently spending quite a bit of my time working on a book about the epic rise and fall of these rogue pharmacy affiliate operations.”

      1. AlphaCentauri

        All I know is that GlavMed and some of the other programs were routinely including 4 free tabs of “viagra” with every order for a long time, even order for nitrate drugs. Unless at least one of those drugs was placebo, there would have been dead bodies.

        1. john

          Hi Alpha,
          Believe me or not, but the generic pills, distributed by internet pharmacies, are as real as if you would’ve bought them in the best rl brickandmortar pharmacy. A few years ago one affiliate rogram sent samples of pills to affiliates. I tried to use these pills myself and they were real, including byeffects like slight headache and bunged up nose.
          “Fake medications” is a wrong expression, as the pills do contain the same active ingredient (for example sildenafil) but nowhere on the blister you would see a word “Viagra”. The right one would be “contraband medications”.

          Now about your comment on free viagra with nitrates. I was surprised myself when heard that they include viagra with nitrates. But I think people just smart enougt (surprise!) and throw away these pills when they see that viagra with nitrates is no-no. It crearly stated on a paper included with the pills.

          1. Rick Zeman

            John, I don’t know how much credence I’d put into the pharmacies self-selecting pills to send to the affiliates. They have a vested interest to only send real ones. What’s needed is a Consumer Reports-style blind, anonymous, and multiple buys to determine the legitimacy of the purchases.

          2. AlphaCentauri

            Which one is the nitrate, Isordil or nitrofurantoin? Without a medical/pharmacy/nursing training, you wouldn’t expect people to know. Most people have trouble distinguishing “sulfa” and “sulfur.”

      2. george

        It would be interesting to hear opinions (even speculations) about how those databases were snatched in the first place from Gusev and Vrublevsky by their respective opponent. Did they bribe insiders ? Did they use SQL Injections and exploits on each other sites ?

        1. Whats in a name

          Half the problem is the same pill costs $15 bucks here in the USA and 14 cents everywhere else, of course people will try to obtain them if they can at the lower prices.

          We can try to stop it all day, but the more effective solution is making the pills cost 15 cents everywhere and stop trying to gouge our people simply because they think that we can afford it.

          1. Stefan Savage

            I think price is certainly one driver for online pharma, but I don’t think its the only one. For example, why would ED drugs so dominate revenue if price was the only factor? Sure Viagra is a blockbuster drug, but shouldn’t Lipitor, Plavix and Nexium be better represented? Similarly, why would see see purchases from countries with state-sponsored universal coverage health systems? In some cases you’re looking at embarrassment, in other cases customers may be abuse-seeking (e.g., for some of the opiates and stimulants, for HGH, etc). In other cases the are providing drugs not sold by traditional pharmaceutical distributors (try to go to your pharmacist and order Penis Growth Oil sometime) and in yet others the drug isn’t approved for sale in the jurisdiction. Anyway, price is certainly an issue, but I don’t think it explains all of the demand here.

  5. David

    Spam remains not because of demand, but because people are forced into the underground economy to buy the products they want. Stop worrying what other people do to their bodies.

    1. BrianKrebs Post author

      I’m curious about your response, David. Do you really think it’s okay for this industry to be supported largely by massive botnets and malware? You may not know this, but the rogue pharmacy industry was probably the single biggest driver of the development of ever stealthier, more insidious malware and botnets over the years, as affiliates sought more ways to build out their spam spewing moneymakig machines.

      Regardless of what you think about people buying pills from unlicensed, potentially unsafe random online pharmacies, you really can’t say one is okay but not the other because they are inextricably linked. I am neutral on the subject of whether these pharmacies are a good or bad thing, and have pushed harder than almost anyone I know to find out whether the drugs they’re selling are in fact legit/safe, with mixed results.

      1. David

        The reason this black market (and the associated spam/botnets/malware) exists, is because people cannot get the product legally. Limit the supply and the price goes up, and at a high enough price fake products are produced. If the product was freely available do you think that people would continue to patronize “unlicensed, potentially unsafe random online pharmacies”? I wouldn’t, but unsafe or not, who are you, or the government, to tell a person what they can do to their body? This kind of thinking leads to Mayor Bloomberg telling people how much salt, fat and sugar is good for them. Take a step back from telling others how you think they should live their lives.

        1. BrianKrebs Post author

          You somehow mistake my attempts at uncovering the truth with some kind of agenda or propaganda. I frankly don’t care if people want to pop whatever pills they want, whether they be from a licensed pharmacy, an Internet pharmacy, or pills they find on the ground or from a candy dispenser. That’s obviously up to them.

          I’m interested in ground-truth data about these operations, and this study is the closest thing to that I’ve seen so far. Unfortunately, there is little ground-truth data on the safety and efficacy of these drugs. I’d like that to change. You can take that as telling people how to live their lives if you want. But if you really do believe in what you preach, it seems to me you should welcome the kind of testing I’m advocating.

  6. AlphaCentauri

    The high number of repeat customers doesn’t say much about the effectiveness of the drugs. These drugs are being sold on the street — not just the “Adderal” and “Oxycontin,” but also the “Viagra.”

    The value of street drugs depends on their resemblance to the original, not the effectiveness. Brand name drugs or even well-known generics like Roxicet can be sold for higher prices than unidentifiable pills.

    The internet pharmacy customer buys in bulk, then sells single pills on the street. He may not even use at all. The users eventually get wise, but as Stephan said, the market isn’t close to saturated. And if most of the pills are worthless and occasionally one is the real deal, intermittent positive reinforcement is more effective than consistent positive reinforcement.

    1. BrianKrebs Post author

      Guess I’d have to disagree with you Alpha. Your statements about the efficacy of these drugs are made as though you have a mountain of data to support them. If you have said data, I’d be extremely interested in seeing it.

      As far as I know, nobody — not the FDA, not the “legitimate” pharmacy industry, or even the research community — has done any kind of comprehensive study to determine whether these drugs a) contain equivalent amounts of the active ingredients, and b) do not contain unsafe additives. Yes, there are single horror story cases (I think I’ve read them all) and one or two buys+tests, but it certainly seems as thought vested interests simply do not want to know the answer, because if the answer is that these spam pills are more or less what people would get from legitimate sources, the testing bodies will be implicitly lending legitimacy to these rogue pharmacy operations.

      1. Rick Zeman

        Couldn’t the opposite case be argued equally well, Brian? That by the big labs NOT testing they’re de facto saying, “We don’t think there’s anything to worry about” and that’s lending the same amount of legitimacy?

        1. Stefan Savage

          I’d like to point out that doing these kinds of studies is quite difficult in practice. First, there are the operational issues of making the purchases. Onsie-twosie stuff is easy, but scaling out a purchasing operation to many hundreds of buys requires a range of credit cards, addresses, IP addresses, identities, etc to bypass the anti-fraud measures the pharmacies have in place. Then there is the question of money. How do you fund those purchases? From the standpoint of us academic researchers let me be clear that Federal funding agencies are generally not copacetic (esp in this political climate) to have their money spent on counterfeit drugs whereby payment is made to an unknown party in an unknown country. Then there are the legal problems. It is illegal to purchase prescription drugs without a valid prescription. Moreover, there are federal and state laws that make it illegal to import prescription drugs that one has reason to believe may be counterfeit (there are carevouts, but the carveouts are complicated). Certainly for independent researchers (e.g., at universities) these kinds of issues tend to make administrators freak out (indeed, it is only because of the positive relationship we’ve forged with legal and administrative oversight at UCSD that we’ve been able to do the kind of work that we’ve done so far). Then there is the testing which, to do the job justice, really requires a lab familiar with testing counterfeit products. Next there is the question of who would fund such a study and what would their interests in publication be. Funders who would naturally support a comprehensive study and open publication might not be interested in the results to begin with while those with deep interested in the results might not be as interested in open publication (or might not care about a comprehensive study).

          Finally, even if you solve all of these problems, doing this job well would take quite a bit of work and dedication. Empirical studies are hard. They take attention to detail and focus — in spite of the fact that the results are rarely surprising (or at very least that the surprising, salacious part could be established with a few anecdotal examples). Not very many organizations have the remit to be systematic in this kind of way.

          1. AlphaCentauri

            Lack of quality control is a big issue. The fact that they ship real drug sometimes will get them repeat customers, but that doesn’t guarantee they always ship real drugs or even safe placebos.

            The WHO has found a high prevalence of fake medications for sale in less highly regulated countries. You have no way of knowing where the drugs sold from spamvertised pharmacies are coming from (their websites are full of other obvious lies), but you can know there are quality control problems in a lot of the countries where they may be coming from.

            1. Stefan Savage

              I think this is one of the biggest issues here. When a large corporation takes responsibility for the drugs sold under their name there is significant liability associated with quality issues (this doesn’t prevent problems or recalls, but it provides a financial incentive to minimize such events and provides recourse through the courts). Online pharmacies use a range of drop shippers that change over time and those drop shippers in turn may obtain drugs from different manufacturers depending (in some cases there is even another level of middle-men — e.g., medex — that provides formulary aggregation). While many suppliers may provide quality product, absent real transparency its hard to feel as confident about the persistence of that quality nor is there much recourse if a problem emerges.

              That said, without empirical data its hard to reason about harm and risk. Its very easy to use anecdotes or hypotheticals to drive policy (this is especially popular in the security field) but these frequently lead to decisions that don’t make that much sense.

    2. Stefan Savage

      I believe there is perhaps some resale going on (we noticed a few orders far larger than a single individual could be reasonably consuming). However, the vast majority of orders (and reorders) are in small numbers to distinct customers with significant time gaps between, which doesn’t support the resale hypothesis.

      On the topic of drug quality, as Brian says, I’m not aware of any good study that addresses this question on a systematic basis. Anecdotally, the few drugs we tested via mass spec (not Viagra) had identical concentrations of their active ingredient to reference samples. Moreover, its pretty clear from the various chat logs and forums that these folks operate under the impression that their suppliers provide a reasonable product (controlled drugs are a different story). That doesn’t mean their impressions are correct, and we obviously have crisp anecdotes of harm that have occurred (e.g., the Marcia Bergeron case), but the reorder data suggest to me that on balance the quality on the most popular drugs is good enough to produce repeat customers.

      1. george

        Hi Stefan,
        I’ve read the report carefully and found to be high quality work. Your comments here demonstrate even further insight and strides to analyze this from every possible angle. Congratulations and thank you.
        I was wondering myself if the mere existence of illegal pharma have any kind of influence over the price at which medicines are available via fully legal channels. Are the prices slightly reduced (because is, well, a form of competition), increased (because same profits have to be made from a reduced pool of customers who only buy via legal channels) or, as I suspect, there is no relationship whatsoever between pricing of the 2 channels because the target customers are disjointed pools ?

        1. Stefan Savage

          Its an interesting question whether infringing unlicensed drugs sold online exert downward price pressure on their licensed counterparts. We’ve talked about doing this study, but its challenging to do well. If someone has a good longitudinal database of weekly/monthly wholesale and retail drug prices going back 5-6 years that would help (we haven’t found one). However, even still it will be a tricky analysis to separate any potential price impact from changes in demand and legitimate competition. However, its interesting enough that if anyone has data to help out, we might be willing to attempt it.

          On the related topic of price competition between online pharmacies, it definitely is an issue. Affiliates in particular believe that lower prices drive conversions and thus they are drawn to programs with lower prices on the key drugs being marketed. There is even price fixing (about which Brian can speak quite a bit more) on the part of affiliate programs. Finally, suppliers definitely compete on price as well.

  7. Old School

    For those of us who get the spam emails there are at least three options. First, if the email gets past existing filters, I mark the email as spam. Hopefully my email provider takes notice of my decision. Then empty the Spam folder if you choose not to continue with the issue. Second, dump the header to learn more about the scum. Example: use Originating-IP: [] for an IP lookup. This spammer is from KARNATAKA, INDIA. The ISP is Broadband Multiplay Project, O/o DGM BB, NOC BSNL Bangalore. The spammer is using Yahoo: envelope-from , Authentication-Results: mta1297.sbc.mail.gq1.yahoo.com . From: “Canadian Pharmacy” .
    I then have two options. Now I turn to my email provider. If I think the sending address is valid, I can block the address using the Block Address function of the Spam option. I have found the better option is the second, the Filter Option allows me to put all emails from Canadian Pharmacy in the Trash folder. Using the Trash folder eliminates having to check the Spam folder for improperly categorized emails.
    BTW, I have found spammers spoofing / altering some source of email fields in the header. I send the header to the corporation that has victimized by the spammer.

    1. JCitizen

      I notice the spam filter on Outlook 2003 works a lot better now; so does the search and delete functions. Maybe the new versions are even better. I don’t have to worry about Hotmail – I get maybe two or three pieces of spam a week on there.

  8. this post will be deleted to stifle truth

    “It sound like some people I know who “Keep getting all thses virus things no matter what I do!””

    Remember the Sony BMG root kit?
    Remember how no Antivirus detected it? Not even Anti root kit scanners?
    Remember how only one tool initially detected it?

    Now consider for a moment how many other government software/firmware moles/rootkits may be lingering within millions of people’s proprietary systems (hardware/software-OS).

    Wikileaks published a lot of information on companies willingly selling rootkits to governments and organizations. And do I really need to bring up HBGary?

    So many fools using multiple proprietary scanners on their systems, the makers of which could all be in bed with big bro, the programs and/or updates could contain rootkits, and seriously, what the fsck is up with Microsoft and Flash both having so many remote exploits being patched all of the time?

    The very products you trust, imo, could be the very e-poison from which you e-drink from.

    To this day I laugh inside when twits tell me their system is “clean” because they scanned it with several proprietary tools.

    Face it, even on Linux the quality of the root kit scanners are piss poor. You have to boot into a separate environment (like Remnux) to evaluate the malware, but most people won’t do it, they’ll wipe and reinstall and rely only on signatures which can be compromised. And when they find out they have an APT which continues to reinfect their computer(s)? Would they be intelligent enough to consider a firmware (PCI/BIOS) infection which survives hard drive wipes? Do they also have infected thumb drives laying around they plug into other computers around home and/or friends/family/work?

    Chkrootkit has a function to list the strings of binaries, but it’s up to you to determine whether or not the content of the strings are malicious. I’ve tried several root kit scanners on Linux and all of them are, imo, crippled pieces of trash. The crowd will yell back at you, “But most of these require root to exploit!” No, not at all, there are hundreds of ways to exploit a Linux box, many not requiring root, but a particular program/version. I won’t even bite down on the subject of ways to subvert package managers. Heck, how many Linux repositories use SSL? SSH? Torrents with established “good” check sums for thousands of packages?

    And I’ve not mentioned Flash and Adobe Reader for Linux and the past problems with those… and the NVidia driver for Linux, had in the past, one or two severe security issues whereby a remote exploit could take over the system! (Google it. The news of one exploit was in 2006.)

    Our proprietary hardware and software are both at risk, and likely subverted world wide on millions of computers by governments and select organizations. The fact it takes years until a researcher trips over a particular piece of malware which none of the antivirus companies are detecting is inexcusable.

    Were I head of a commercially developed antimalware company, I’d develop a website similar to Virus Total, but instead of the users uploading single files one by one, I’d give them a FOSS program which checked every part of their hardware, embedded and manually inserted, checksum the firmware (of all media drives, graphics cards, anything with firmware) and BIOS and tear apart the results, funneling them into separate result pages, each result for each component going to its own page for comparative results, rather than building a profile on one user’s system. I would offer the users the option of publishing a one page result for their unique computer, but it would be opt-in only. Yes, checksum the firmware, including the router, and demand companies publish checksums and use GPG to sign their firmware, all of this information would go to the site as described. A massive database of important, but anonymously pulled and published information.

    It’s just going to get worse.

    On the side, I’ve been saying to myself for years, IMO, “When Microsoft finally starts to show signs of weakness and loss of power over the OEMs, it will try and reinvent itself through crippled hardware and force others to beg at its door for access. They will, imo, follow the same route as Apple, tying software to hardware. I’m shocked it hasn’t happened sooner.” Then the reverse engineering can begin, just like the WINE project which was abandoned by Corel following Microsoft’s involvement with Corel, despite the good word from some former people at Corel who said they would continue to develop WINE. It wasn’t much longer until Corel Linux was shit canned, and the support for WINE dried up like a neglected grapevine.

    People like to poke and laugh at people like RMS who are sane and their visions a philosophy to stand by and build upon. Sadly, it’s mostly about ‘image’ in today’s society. This is why, in part, you’ll never see a true world leader elected who benefits the people and country as a whole, because it’s just like high school, you only have a few choices between the approved popular cliques, the rest are shunned and ridiculed. So we have two, I would argue, controlled choices, the Republicans and Democrats, and we have two, I would maintain, jocks, Apple and Microsoft.

    Bring on the 3-D printers and eventually the Star Trek like replicators, so we can put an end to the sweatshops in China and elsewhere, and to the two jocks in school.

    Soon our future will be collaboration of FOSS and FOSH(ardware) and we won’t sit idly by as the two jocks push their creations onto us, we will forge our own.

    Oh, and you can kiss my ass Republicans and Democrats, whose power is only illuminated by controlled corporate media and further shaped by humor from The Daily Show, Colbert Report (they didn’t have much to say during the last writer’s strike, did they, yet people think they’re so witty — wrong! more corporate shit!) and SNL (why the fork wasn’t stuck in SNL years ago is beyond me, it’s like watching The Simpsons, someone left the building and forgot to turn off the light – I won’t even dig into the, imo, illuminati Family Guy show).

    The future is up to us, the power is in our hands, we only have to turn off the TV and stop swallowing the shit they feed us and join together to mature technology.

    “Beware of dogs, beware of evil workers, beware of the mutilators.”
    – Philippians 3:2

    Do not remain ‘motionless in light’. Kneel before Almighty God, rebuke the beast within the light and the strange sounding ‘invaders’ through Yahweh, Christ Jesus, Holy Spirit, Our One True God. Rejoice in Him!

    1. BrianKrebs Post author

      I won’t be deleted (at least not by me) but it probably will get buried. Off-topic, techno-apocalypic comments tend to get modded down pretty quickly around here.

  9. Sam Bowne

    In the 2nd paragraph, “discretely” should be “discreetly.”

    Thanks for another interesting investigative article!

  10. Uzzi

    Dear Old School, it’s best practice to inform the abuse desk responsible for an abused IP. – But if you really want to bother the spammers simply find some friends on the interwebs and start pushing back spam together: I recommend you have a look at spamcop.net and their “Report Spam”-page etc.

    1. Old School

      Thanks for mentioning “it’s best practice to inform the abuse desk responsible for an abused IP.” I should have mentioned that after the sentence which contains “The ISP is Broadband Multiplay Project,” My comment was made a little difficult to understand because some of the information was redacted.

  11. dweep777

    Great investigative reporting as always, Brian.
    Thanks for another great article.

  12. Deborah S

    @Stefan Savage
    “I think this is one of the biggest issues here. When a large corporation takes responsibility for the drugs sold under their name there is significant liability associated with quality issues (this doesn’t prevent problems or recalls, but it provides a financial incentive to minimize such events and provides recourse through the courts).”

    “That said, without empirical data its hard to reason about harm and risk.”

    You’re absolutely right that when a legitimate company, be they large or small, complies with the law, the customers have relative assurance of buying quality product from them. All that goes out the window with illegal pharma operations.

    I think it’s a bit of a red herring though to waste energy on trying to assess the quality of meds bought through illegal pharmacies. If verifiable numbers are really bad, I suppose the data could be used to discourage people from buying on the illicit drug market, but I doubt that would really help much. People buy from the underground pharma market because they either want something they can’t get legally or they want it cheaper than they can get it for through legal pharmacies. Apparently a lot of people are willing to risk unsafe drugs to get either of these things.

    In my opinion the most effective way to put the illegal pharma trade out of business would be to relax the laws prohibiting certain drugs or certain people from obtaining particular drugs, AND lowering the cost of drugs that are commonly sought out on the black (or grey) market. But ha ha, when is that going to happen?

    As long as access to drugs is limited and their cost is too high, we will have an illegal pharma market.

  13. AlphaCentauri

    There is already a major change in the economics driving this. India has been legally producting generic versions of drugs that are still under patent in North America and Europe only because their patent laws provided fewer years of protection for new inventions.

    India has already changed its laws, so that drugs patented in India today have the same 20 year protection as elsewhere. They grandfathered in drugs that were already available there in generic form, like sildenafil. But there is no continuing pipeline of new ultra-cheap drugs. Once the drug can be sold legally in the US, any Indian manufacturer of quality will sell it directly to wholesalers here, instead of going through affiliate programs that take such a high percentage of the cost as profit for themselves and their affiliates.

    Yes, they can obtain generic versions of more recent drugs from other countries than India. But each time they must seek out suppliers in countries with less rigorous intellectual property laws, they must deal with companies with less ability to hire quality pharmacists and chemical engineers.

  14. Joel Adams

    Good for you about writing a book. Your writing style and ability to explain complicated concepts in terms that the layman can understand will be a great benefit to your chosen subject. Good luck!
    (No, I’m not in the publishing business. I write and create computer training classes for my employer)

Comments are closed.