RSS Alerts

Share

More services

Related Links

  • Krebs on Security
  • Elsevier Ltd is not responsible for the content of external websites.

Related Stories

  • Royal Wedding attended by spammers
    Two month's away, the wedding of Prince William and Kate Middleton is already being used by spammers to lure internet users to click through and buy replica goods.
  • Russian police squash major pharmacy spam campaign
    It seems that Russian police are working steadily to crush the rising tide of so-called pharma spam campaigns, with one security researcher having heard about a raid on the hackers behind the Rx-Promotions scheme.
  • Pharmacy spam campaign hijacks Google brand name
    A new pharma spam campaign uses the Google brand. More than 250 similar blog-related campaigns have been tracked in the last two days.
  • RSA 2011: The spambot ecosystem revealed
    At the RSA 2011 conference, Joe Stewart, director of malware research at Dell SecureWorks, revealed that spambots are now piggybacking on existing worms and viruses to extend their reach.
  • Spam and phishing volumes down in January
    The January monthly report on the state of spam and phishing from Symantec claims to show that phishing was down 16% on December, whilst spam levels were down 15.7%.

Top 5 Stories

News

SpamIt and Glavmed pharmacy spam campaigns generate $50m a year

25 February 2011

Reports are coming in that a cybercriminal gang - with members who were involved in the Storm and Waledac worms - have raked in more than $150 million promoting unlicensed online pharmacies between May 2007 and June 2010.

According to security researcher Brian Krebs, who claims to have dissected the SpamIT and Glavmed spam campaigns, if you received an unsolicited email in the past few years promoting male enhancement or erectile dysfunction pills, the chances are that it was generated by one of the two spam campaigns.

Krebs says that an anonymous contact of his - Despduck - claimed he could deliver data on hundreds of thousands of consumers who purchased pills through Glavmed's stable of sites.

In addition, Krebs reports that Despduck claimed to be able to supply "detailed financial records of Glavmed/SpamIt affiliates who earned thousands of dollars of month promoting pharmacy sites using spam and hacked websites."

And he did, sending the security researcher a nine gigabyte data file that contained three year’s worth of records for the campaigns.

Reporting on his analysis of the file in his latest security blog, Krebs says that the database reads like a rogue’s gallery of the Underweb.

"In it are the nicknames, ICQ numbers, email addresses and bank account information on some of the Internet's most notorious hackers and spammers. This huge cache of information shows that over the course of three years, more than 2500 affiliates earned hefty commissions promoting Glavmed's pharmacy sites", he said.

In total, the three year campaign to June of last year generated at least $150 million from more than 800,000 customers.

Krebs reports that Glavmed isn't all business, as it prompts affiliates to donate a portion of their commissions to help orphans and other disadvantaged children.

"Whether the money actually goes to those charities is an open question" he notes.

 

This article is featured in:
Internet and Network Security • Malware and Hardware Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012