Форум успешных вебмастеров - GoFuckBiz.com

  Форум успешных вебмастеров - GoFuckBiz.com > Разное > Треп | Флейм
Треп | Флейм Обсуждение самых разных тем вне онлайн бизнеса.

Закрытая тема
Опции темы Опции просмотра
Старый 02.12.2010, 16:26   #1
Senior Member
Аватар для infest
Регистрация: 19.04.2007
Сообщений: 1,240
Бабло: $296105
Отправить сообщение для infest с помощью ICQ
По умолчанию Спамеров вяжут

FBI Identifies Russian ‘Mega-D’ Spam Kingpin

Federal investigators have identified a 23-year-old Russian man as the mastermind behind the notorious “Mega-D” botnet, a network of spam-spewing PCs that once accounted for roughly a third of all spam sent worldwide.

According to public court documents related to an ongoing investigation, a grand jury probe has indicted Moscow resident Oleg Nikolaenko as the author and operator of the Mega-D botnet.

Federal agents settled on Nikolaenko thanks to information provided by Lance Atkinson, an Australian man named as a co-conspirator in the “Affking” e-mail marketing and counterfeiting operation that was shuttered in 2008 after investigations by the FBI, the Federal Trade Commission and international law enforcement authorities. The Affking program generated revenues of $500,000 a month using spam to promote counterfeit Rolexes, herbal “male enhancement” pills and generic prescription drugs.

As part of his guilty plea to spam violations, Atkinson provided investigators information on the top spammers who helped to promote the Affking products. Among them was an affiliate who used the online nickname “Docent,” who earned nearly $467,000 in commissions over a six month period in 2007.

Atkinson told investigators that Docent’s commissions were sent to an ePassporte account, under the name “Genbucks_dcent,” that was tied to the e-mail address “[email protected].” Records subpoenaed by the grand jury found that the ePassporte account was registered in Nikolaenko’s name to an address in Moscow.

According to court documents, investigators found numerous executable files in Docent’s Gmail inbox. Those files were analyzed by researchers at SecureWorks, an Atlanta based security firm, which found them to be samples of the Mega-D malware.

But U.S. investigators missed at least two chances to apprehend Nikolaenko: The grand jury said a review of U.S. State Department records indicate that Nikolaenko entered the United States in Los Angeles on July 17, 2009, and left the country ten days later. He returned to the U.S. on Oct. 29, 2009, entering from New York and visiting Las Vegas before exiting the country on Nov. 9 from Los Angeles.

Investigators say Nikolaenko was supposed to leave Los Angeles on Nov. 11, but cut his trip short by two days. They concluded that the 23-year-old left early because he wanted to get home to repair damage that security experts had inflicted on his botnet. On Nov. 4, 2009, researchers from Milpitas, Calif. based FireEye executed a “stun” attack on Mega-D by seizing control over the botnet’s control networks.

“Based on the timing of the Fireeye attack on the Mega-D botnet, I believe that Nikolaenko left the U.S. early to repair damage caused by Fireeye,” wrote Special Agent Brett E. Banner, in the government’s complaint against Nikolaenko.

After the FireEye takedown, spam from Mega-D all but disappeared. But in the days following his return to Moscow, the botnet recovered gradually, and by Nov. 22, spam from Mega-D was back to pre-takedown activity levels. By Dec. 13, Mega-D was responsible for sending nearly 17 percent of spam worldwide, according to security vendor M86 Security.

Joe Stewart, a senior security researcher at SecureWorks, said that at the beginning of Nov. 2009, there were at least 120,000 computers infected with Mega-D that were relaying spam, but Stewart said he hasn’t seen any signs of activity from Mega-D over the past several months.

While Mega-D may be dead, information obtained by KrebsOnSecurity.com suggests that Nikolaenko has nonetheless continued spamming, and that, until at least June 2010, he was a top-earning affiliate for Spamit.com. Prior to its closure at the end of Sept. 2010 — Spamit was the world’s most active affiliate program for promoting knockoff prescription drugs.

A Spamit affiliate using the same “[email protected]” address made nearly $81,000 in the first five months of 2010 promoting online pharmacies for Spamit. The earnings were deposited into the same “Genbucks_dcent” ePassporte account named in the criminal complaint against Nikolaenko. It’s not clear whether Nikolaenko was able to enjoy all of those earnings: ePassporte also went belly-up in September, leaving thousands of customers without access to millions of dollars in funds.
вот так вот.
infest вне форума  
Старый 02.12.2010, 16:51   #2
Bitcoin to the moon!
Аватар для rusawm
Регистрация: 19.10.2008
Адрес: горный аул
Сообщений: 2,206
Бабло: $519940
По умолчанию

пиздец стока бабла и акк на гмэйл
rusawm вне форума  
Старый 02.12.2010, 16:51   #3
Senior Member
Аватар для krokodile
Регистрация: 02.12.2008
Адрес: S-Pb
Сообщений: 1,029
Бабло: $88318
Отправить сообщение для krokodile с помощью ICQ Отправить сообщение для krokodile с помощью Skype™
По умолчанию

Oleg Nikolaenko as the author and operator of the Mega-D botnet.
Ботнетчиков вяжут, ботнетчиков. Усё окей.
krokodile вне форума  
Старый 02.12.2010, 16:54   #4
Senior Member
Аватар для imgreen
Регистрация: 15.11.2008
Сообщений: 12,134
Бабло: $247706056
По умолчанию

ну правильно, про mail спам то речь
imgreen вне форума  
Старый 02.12.2010, 17:04   #5
Аватар для kezz
Регистрация: 19.10.2009
Сообщений: 1,680
Бабло: $204833
По умолчанию

Сообщение от krokodile Посмотреть сообщение
Oleg Nikolaenko as the author and operator of the Mega-D botnet.
Ботнетчиков вяжут, ботнетчиков. Усё окей.
о норм Расходимся !
kezz вне форума