Cyber Crime

Ukrainian police dismantled a bot farm involved in multiple spam campaigns

The Ukrainian police dismantled a bot farm involved in spam campaigns carried out through various services, including email and social networks.

Cybercrime is a prolific business, criminal organizations continues to make profits with illegal activities in the cyberspace, but police are ready to contrast them. Cyber experts at the Ukrainian police dismantled a bot farm involved in spam campaigns carried out through various services, including email and social networks.

“Cyber ​​police officers, together with investigators of the Main Investigative Directorate of the National Police of Ukraine, under the procedural guidance of the Prosecutor General’s Office of Ukraine, exposed a large-scale service for mass distribution of electronic messages.” states the press release published by the Ukrainian police. “It is established that all works of the service are carried out exclusively at the request of interested clients. With this resource, it was possible to buy activated accounts in large numbers to various mail resources, social networks, payment systems and more. At the same time, verified accounts were also sold, the cost of which was much higher.”

Operators behind the bot farm were offering large numbers of active accounts for multiple online services that their customers used to carry out spam campaigns.

The Ukrainian Police raided houses, apartments, garages and rented offices in six Ukrainian cities (Kiev, Odesa, Lviv, Nikolaev, Rivne, and Kherson) and seized equipment used in the bot farm, including multi-SIM card modems and electronic equipment used to signup to payment systems.

Crooks were using the SIM cars to register accounts on various services that require a phone number for the verification of users’ identity. Crooks were preserving their anonymity using VPN and TOR services.

Police officers and the Main Investigative Directorate of Ukraine’s National Police carried out searches at houses, apartments, garages and rented offices where the group set up the illegal activity.

To anonymize the bot farm traffic, the operators ran connections through VPN services and the Tor network. Details of how the officers were able to discover the physical addresses remain undisclosed.

Authorities will analyze the seized equipment in an attempt to collect additional information on the crime rings.

“The pre-trial investigation is ongoing within the framework of the previously initiated criminal proceedings under Art. 1889 (Requirement), Art. 258 (Terrorist Act), Art. Measures are being taken to prosecute those involved in the organization of such activities. ” concludes the statement.

Today I had the pleasure to write a post on another successful operation conducted by law enforcement. A joint operation conducted by the Netherlands’ National Criminal Investigation Department and National Cyber Security Center allowed to track down and seize five servers that were composing a cybercrime underground bulletproof hosting service.

The servers were hosted at an unnamed data center in Amsterdam, it was used by tens of IoT botnets involved in DDoS attacks worldwide. 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – bot farm, cybercrime)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

2 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

13 hours ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

17 hours ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

23 hours ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

1 day ago

Finnish police linked APT31 to the 2021 parliament attack

The Finnish Police attributed the attack against the parliament that occurred in March 2021 to…

1 day ago

This website uses cookies.