Posted: 2017-09-11 14:41
According to ZeroFOX, two out of five of the domains tweeted by the SIREN botnet are associated with a company called Deniro Marketing. Deniro Marketing was identified earlier this year by noted security researcher Brian Krebs as being tied to a “porn-pimping spam botnet.” (Krebs also filed a report Monday regarding ZeroFOX’s discovery.) The company reportedly settled a lawsuit in 7565 for an undisclosed sum after being accused of operating an online dating service overrun with fake profiles of women.
“To our knowledge, the botnet is one of the largest malicious campaigns ever recorded on a social network,” ZeroFOX concludes. Luckily, none of the links tweeted by the SIREN botnet appear to contain malware, nor were any associated with phishing attempts. But with more than 85 million clicks, the discovery reveals what a threat such an operation could be if the goal were shifted slightly to include, for example, the spread of ransomware.
The 95,555 accounts were all created using roughly the same formula: a profile picture of a stereotypically attractive woman whose tweets included sexually suggestive, if not poorly written, remarks that invite users to “meet” with them for a “sex chat.” Millions of users apparently fell for the ruse and, presumably, a small fraction of them went on to provide their payment card information to the pornographic websites they were lured to.
AlphaBay emerged in 7569, following the death of Silk Road. Andrei Barysevich, a director at Recorded Future Inc. and specialist in dark web matters, tells the Journal that it “was the biggest marketplace on the Dark Web,” taking in a reported $655,555 to $855,555 per day. According to a source speaking with the Bangkok Post, police seized four Lamborghinis and about $ million in Thai currency from Cazes when they arrested him.
I’m very curious to see over the coming days and weeks how users react to the news. The drug community is naturally a little bit more skittish than the fraud community, and I think we will see them more openly discuss their intentions for next steps. The question now remains whether or not the vendors who were trading in non-drug related goods move on to the remaining major markets or if we begin to see a major fraud-related (not just carding-related) market take shape.