E-mail address lists – legitimate service or spammer support?

Today you can buy a CD containing 4.6 million UK e-mail addresses, plus software capable of e-mailing 30,000 e-mails per hour. And all for the bargain price of £29.95 – money to be sent to a PO box in London.

This reminds me of attempts in 1992 to sell collections of viruses [for research purposes, of course]. These included John Buchanan [aka aRiStOtLe] in the US and ‘The Virus Clinic’ in the UK. The latter was closed down in a raid by New Scotland Yard’s Computer Crime Unit. It will be interesting to see what the fate of this e-mail seller will be.

Of course, the sale of databases containing e-mail addresses isn’t new and there are lots of legitimate sources for such data. However, they’re not usually available for such a bargain price. They’re not normally available through the anonymity of a PO box either. Both of which raise concerns about the source of this data and its possible use in generating yet more spam.

E-mail address lists – legitimate service or spammer support?

Your email address will not be published.



Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.

Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

Subscribe to our weekly e-mails

The hottest research right in your inbox