Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Quality Assurance in a Managed Spamming Service

Published by Dancho Danchev on February 11, 2009
Following previous coverage of the managed spam services offered by the Set-X mail system and a copycat variant of it, a newly introduced managed spam service is emphasizing quality assurance through the use of a Google Search Appliance for storing the harvested email databases and the spam templates.

Here's an automatic translation of some of the key features offered by the system, currently priced at $1,200 per month:

"A summary of the main possibilities of the system
- Innovative technology deliver a unique e-mail system designed specifically for ******** to maximize serve up e-mails with a low rate of rejection
- Kernel Multi-organization system provides extremely high speed while the low-platform
- Provide complete sender's anonymity at the maximum system performance in terms multi-technology operating system bypass content filters using the built-in special tags:

+ Configurable generation of random strings
+ Change the case of letters randomly in a block
+ random permutation of symbols in the block
+ Inserting a random character in an arbitrary place in the block
+ Replacing the same style of letters Latin alphabet for the Russian block
+ Duplicating a random character in the block
+ Paste into the body of a random letter strings from a file
+ Managed morphing of image files in the format GIF
- Correct emulation header sent letters Simultaneous connection of several bases e-mail addresses of those letter-substitution is performed from file-substitution e-mail addresses for the fields From and Reply-To is performed from a file-format of outgoing messages TEXT and HTML
+ Ability to send emails from attachments
+ Correct work with images in HTML messages possible as a direct method and with copies of CC, BCC-record-keeping system, results of the system is stored in files good, bad and unlucky for each connection of e-mail addresses, respectively
+ The system is convenient and intuitive graphical user interface

System management
The system is operated under the interface to "Control Panel". The first of them is multifunctional and serves to start the process of sending (the state of the "Run"), pause (the state of "pause") and confirm the end of the (state "Report"). The second button ("Stop") serves to interrupt the process of sending. Data section also contains the following information fields:
- executes an action in this field is carried out to date, the system-progress indicator graphic indication of progress the task, Completed Display task progress percentage 
- Successful delivery of letters to the number of addresses that had been carried out successfully, failure of the number of addresses that failed to deliver a letter-number bad non-existent addresses, duration of the actual time of the task-status displays the status of the kernel system kernel kernel memory Displays memory core systems"
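The filter-evasion tags in the translated feature list (random case changes, look-alike Cyrillic letters in place of Latin ones, inserted and duplicated characters) can be undone on the receiving side before keyword matching. The Python below is an added example, not code from this post or from the spam system; the look-alike table, the watchlist and the sample message are constructed assumptions.

```python
import re
import unicodedata

# Constructed, partial table: Cyrillic letters that render like Latin ones.
CYR_TO_LAT = str.maketrans(
    "\u0430\u0435\u043e\u0440\u0441\u0445\u0443\u0456\u0455"
    "\u0410\u0412\u0415\u041a\u041c\u041d\u041e\u0420\u0421\u0422\u0425",
    "aeopcxyis" "ABEKMHOPCTX",
)

def scripts(token):
    """Return the alphabets (LATIN, CYRILLIC, ...) used by the token's letters."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in token if c.isalpha()}

def case_flips(token):
    """Count lower-to-upper transitions inside a word ('rEpLiCa' has 3)."""
    return sum(a.islower() and b.isupper() for a, b in zip(token, token[1:]))

def skeleton(token):
    """Reverse the listed mutations: look-alikes, case, inserted symbols, duplicates."""
    t = token.translate(CYR_TO_LAT).casefold()
    t = re.sub(r"[^a-z0-9]", "", t)        # drop inserted punctuation
    return re.sub(r"(.)\1+", r"\1", t)     # collapse duplicated characters

def inspect_message(text, watchlist):
    """Return {token: [reasons]} for tokens that show the obfuscations above."""
    wanted = {skeleton(w): w for w in watchlist}
    findings = {}
    for token in text.split():
        reasons = []
        if {"LATIN", "CYRILLIC"} <= scripts(token):
            reasons.append("mixed-script")
        if case_flips(token) >= 2:
            reasons.append("random-case")
        hit = wanted.get(skeleton(token))
        if hit and token.casefold() != hit.casefold():
            reasons.append("hides:" + hit)
        if reasons:
            findings[token] = reasons
    return findings

# Constructed sample message and watchlist (hypothetical filter keywords).
SAMPLE = "Quality rEpLiCa w\u0430tch\u0435s at che-ap pr\u0456ces"
WATCHLIST = ["replica", "watches", "cheap"]

if __name__ == "__main__":
    for tok, why in inspect_message(SAMPLE, WATCHLIST).items():
        print(ascii(tok), why)
```

Inserted letters or digits and permuted symbols are not reversed by `skeleton`; catching those needs approximate matching (for example edit distance) on top of this normalization.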

The ongoing arms race between the security industry and cybercriminals is inevitably driving innovation on both sides of the front. However, based on the scalability of these managed spam services, it's only a matter of time before the vendors embrace simple penetration pricing strategies that would allow even the most price-conscious cybercriminals, or novice cybercriminals in general, to take advantage of this standardized spamming approach. The disturbing part is that the innovation introduced by the spam vendors in terms of bypassing spam filters seems to be introduced not on the basis of lower delivery rates, but due to the internal competition in the cybercrime ecosystem.

For instance, new market entrants, in the form of botnet masters attempting to monetize their botnets by offering the usual portfolio of cybercrime services, often undercut the offerings of the sophisticated managed spam vendors. And so the vendors innovate with capabilities that the new market entrants cannot match, in order to not only preserve their current customers, but also acquire new ones. Managed spam services as a business model are entirely driven by long-term "bulk orders", compared to earning revenues on a volume basis by empowering low-profile spammers with sophisticated delivery mechanisms.

In the long term, just like every other segment within the cybercrime ecosystem, vertical integration and consolidation will continue taking place, and thankfully we'll have a situation where the spam vendors will be sacrificing OPSEC (operational security) as they scale their business model and acquire more customers.

