Deconstructing a Pump-and-Dump Spam Trojan - SpamThru Bot Control Connections

 
 
By eweek  |  Posted 2012-05-28 Email Print this article Print
 
 
 
 
 
 
 
 

SecureWorks researcher Joe Stewart reverse-engineers a SpamThru Trojan and finds evidence of a well-heeled spam operation attempting to manipulate penny stocks. These images show the scammers at work.

 
 
 

This chart shows the number of connections each control port received each day from the bots. The 2236 and 2238 variants gained a lot more infected users than any of the other variants, sometimes bringing up to 3 million connections to the control serv

Deconstructing a Pump-and-Dump Spam Trojan - SpamThru Bot Control Connections
 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...

 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel