Opinion

E-mail address lists – legitimate service or spammer support?

Today you can buy a CD containing 4.6 million UK e-mail addresses, plus software capable of e-mailing 30,000 e-mails per hour. And all for the bargain price of £29.95 – money to be sent to a PO box in London.

This reminds me of attempts in 1992 to sell collections of viruses [for research purposes, of course]. These included John Buchanan [aka aRiStOtLe] in the US and ‘The Virus Clinic’ in the UK. The latter was closed down in a raid by New Scotland Yard’s Computer Crime Unit. It will be interesting to see what the fate of this e-mail seller will be.

Of course, the sale of databases containing e-mail addresses isn’t new and there are lots of legitimate sources for such data. However, they’re not usually available for such a bargain price. They’re not normally available through the anonymity of a PO box either. Both of which raise concerns about the source of this data and its possible use in generating yet more spam.

E-mail address lists – legitimate service or spammer support?

Your email address will not be published. Required fields are marked *

 

Reports

The leap of a Cycldek-related threat actor

The investigation described in this article started with one such file which caught our attention due to the various improvements it brought to this well-known infection vector.

Lazarus targets defense industry with ThreatNeedle

In mid-2020, we realized that Lazarus was launching attacks on the defense industry using the ThreatNeedle cluster, an advanced malware cluster of Manuscrypt (a.k.a. NukeSped). While investigating this activity, we were able to observe the complete life cycle of an attack, uncovering more technical details and links to the group’s other campaigns.

Sunburst backdoor – code overlaps with Kazuar

While looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar. Our observations shows that Kazuar was used together with Turla tools during multiple breaches in past years.

Subscribe to our weekly e-mails

The hottest research right in your inbox