Category Archives: Breadcrumbs

Microsoft Hunting Rustock Controllers

March 28, 2011
22 Comments

Who controlled the Rustock botnet? The question remains unanswered: Microsoft’s recent takedown of the world’s largest spam engine offered tantalizing new clues to the identity and earnings of the Rustock botmasters. The data shows that Rustock’s curators made millions by pimping rogue Internet pharmacies, but also highlights the challenges that investigators still face in tracking down those responsible for building and profiting from this complex crime machine.

Homegrown: Rustock Botnet Fed by U.S. Firms

March 21, 2011
47 Comments

Aaron Wendel opened the doors of his business to some unexpected visitors on the morning of Mar. 16, 2011. The chief technology officer of Kansas City based hosting provider Wholesale Internet found that two U.S. marshals, a pair of computer forensics experts and a Microsoft lawyer had come calling, armed with papers allowing them to enter the facility and to commandeer computer hard drives and portions of the hosting firm’s network. Anyone attempting to interfere would be subject to arrest and prosecution.

ChronoPay’s Scareware Diaries

March 3, 2011
23 Comments

If your Microsoft Windows PC was attacked by fake anti-virus or “scareware” in the past few years, chances are good that the attack was made possible by ChronoPay, Russia’s largest processor of online payments.

Tens of thousands of documents stolen and leaked last year from ChronoPay offer a fascinating view into a company that has artfully cultivated and profited handsomely from the market for scareware, which hijacks victim PCs with fake security alerts in a bid to frighten users into paying for worthless security software.

Pharma Wars

February 25, 2011
34 Comments

It’s difficult to chronicle a battle in which neither side wants to admit publicly that he is fighting for his life, or indeed that he has even launched attacks against his enemy. But such is the nature of a business-feud-turned-turf-war that is now playing out slowly between bosses of two of the Internet’s largest illicit pharmacy operations.

SpamIt, Glavmed Pharmacy Networks Exposed

February 24, 2011
35 Comments

An organized crime group thought to include individuals responsible for the notorious Storm and Waledac worms generated more than $150 million promoting rogue online pharmacies via spam and hacking, according to data obtained by KrebsOnSecurity.com.

Bredolab Mastermind Was Key Spamit.com Affiliate

October 30, 2010
38 Comments

The man arrested in Armenia last week for allegedly operating the massive “Bredolab” botnet — a network of some 30 million hacked Microsoft Windows PCs that were rented out to cyber crooks — appears to have generated much of his clientele as a key affiliate of Spamit.com, the global spamming operation whose members are blamed for sending a majority of the world’s pharmaceutical spam.