Deconstructing a Pump-and-Dump Spam Trojan - SpamThru Bot Control Connections

 
 
By eweek  |  Posted 2012-05-28 Email Print this article Print
 
 
 
 
 
 
 
 

SecureWorks researcher Joe Stewart reverse-engineers a SpamThru Trojan and finds evidence of a well-heeled spam operation attempting to manipulate penny stocks. These images show the scammers at work.

 
 
 
  • 8 of 8

This chart shows the number of connections each control port received each day from the bots. The 2236 and 2238 variants gained a lot more infected users than any of the other variants, sometimes bringing up to 3 million connections to the control serv

Deconstructing a Pump-and-Dump Spam Trojan - SpamThru Bot Control Connections
 
 
 
 
 
 
 
 
 
 
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
 
 
 
Rocket Fuel