Law enforcement crackdowns in recent weeks have targeted two major contributors to worldwide spam: Spamit.com and the Bredolab botnet. Now a new report suggests that the two cases may be related.
A report on Krebsonsecurity.com claims that the recent arrest of a 27 year-old man, identified as Georg Avanesov, the alleged bot master of the Bredolab botnet, had ties to Spamit.com, an online forum for those who make money sending out spam e-mail that was also the focus of a crackdown by Russian law enforcement.
According to the report, Avanesov may have used Spamit.com to find customers interested in renting out parts of the Bredolab botnet for their distributing spam – a business that netted him upwards of $139,000 a month. Avanesov was arrested last week in Yerevan, Armenia after returning from a trip to Moscow in a joint action between Armenian, Dutch and Russian authorities.
SpamIt.com’s alleged chief, Igor Gusev, was named as the subject of a criminal investigation by Russian authorities. That action has been attributed to a sharp drop-off in pharmaceutical spam – a specialty of Gusev and also associated with the Bredolab botnet.
At least two affiliate accounts at spamit.com used e-mail addresses and nicknames associated with Avanesov, though neither account was prominent on a network where successful operators might earn millions a year from the illicit e-mail traffic. Instead, Avanesov appears to have used the network to find customers interested in renting his global network of Bredolab infected hosts – his main line of business, the report said.
Coupled with the recent take-downs of botnets like Pushdo, Waldec and Mariposa, the Bredolab bust and Russian crackdown on SpamIt.com’s operations suggest that law enforcement is taking a more coordinated and serious approach to illicit spam and malware distribution networks.