+

Cookies on the Business Insider India website

Business Insider India has updated its Privacy and Cookie policy. We use cookies to ensure that we give you the better experience on our website. If you continue without changing your settings, we\'ll assume that you are happy to receive all cookies on the Business Insider India website. However, you can change your cookie setting at any time by clicking on our Cookie Policy at any time. You can also see our Privacy Policy.

Close
HomeQuizzoneWhatsappShare Flash Reads
 

A lone hacker is earning as much as $100,000 per month just by sending emails

Aug 4, 2015, 14:43 IST

Refracted Moments/flickr (CC)

A lone hacker is earning between $60,000 to $100,000 per month by using an automated attack took to send around one million spam emails a day, according to researchers from security firm Trustwave.

Advertisement

The emails contain links to bogus products and services, which some receivers respond to and send money. The money is directed back to the hacker.

The hacker is using an RIG exploit kit to infect computers, Trustwave researchers said.

Exploit kits are attack tools commonly traded on underground online black markets that let criminals, who may not have strong computer skills, mount cyber attacks.

Trustwave researchers reported detecting a growth in the number of RIG exploit kit infections in a threat advisory, noting that the attack tool is being used to infect over 27,000 computers per day.

Advertisement

The rise in infections happened after the creator of RIG released an upgrade for the attack tool. Trustwave said the majority of the attacks are spreading malware.

"Generally speaking, RIG 3.0 customers deliver various payloads through RIG, each depending on a specific customer, but the distinct top payload delivered here is the Tofsee spambot," read the threat advisory.

A spambot is a form of malware that enslaves victim computers and forces them to send spam messages. Trustwave reported the majority of the infections stem from one RIG exploit kit user codenamed "Customer X."

"Customer X manages to infect about 500,000 machines per month with the Tofsee payload. The going rate for spam campaigns is approximately $0.50 USD per 1,000 successfully sent emails," read the advisory.

"This particular payload of Tofsee was observed in our labs attempting to send approximately one million emails per day from a single bot, of which about 2,000 emails were successfully sent."

Advertisement

Trustwave estimates the attacks are earning Customer X between $60,000 to $100,000 per month.

Combating exploit kits is an ongoing goal of the US Federal Bureau of Investigation (FBI) and UK National Crime Agency.

The FBI led an international takedown operation against a hacking forum known to be distributing exploit kits, known online as Darkode, in July.

A new, more secure, version of Darkode appeared less than two weeks after the operation. It is believed to be run by one of the old site's administrators.

NOW WATCH: We tried the 'belly button challenge' that's taking over China - and it's way harder than it looks

Please enable Javascript to watch this video
You are subscribed to notifications!
Looks like you've blocked notifications!
Next Article