Feeds

Alleged Russian spam-lord hauled into US court

Bogus todger-stiffening pills flogged to Wisconsin cops

Internet Security Threat Report 2014

A Russian who allegedly at one time ran a network of compromised machines responsible for a third of global spam appeared in federal court in Wisconsin on Friday to deny the charges.

Oleg Y Nikolaenko, 23, a resident of Moscow, faces charges that he forged email spam messages in violation of the US CAN-SPAM Act, following his arrest in Las Vegas' Bellagio Hotel last month.

Prosecutors allege that the Russian was responsible for pumping out a staggering 10 billion spam messages per day, touting penis pills and counterfeit goods using the infamous Mega-D botnet network.

Nikolaenko (pictured in a CNN story here) entered a not guilty plea. He was denied bail after prosecutors successfully arguing he presented a flight risk if released.

The prosecution is taking place in Wisconsin because local agents there bought a specimen purchase of Viagra through a Canadian Pharmacy operation allegedly promoted by Nikolaenko's junk mails, AP reports. The pills unsurprisingly turned out to be counterfeit.

Federal investigators got a lead on Nikolaenko after arresting one of his alleged clients, a dodgy businessman promoting sales of counterfeit Rolex watches through junk mail. Australian Lance Atkinson, who ran the Affking email marketing and counterfeiting scam business until he was collared in 2008, is allegedly pointing the finger of blame towards Nikolaenko as part of a plea bargaining deal according to this KrebsOnSecurity report.

The electronic trail of the subsequent investigation led back through command and control servers in Australia onto Gmail accounts and electronic payment records tied back to Nikolaenko, as explained in greater depth by Gary Warner's CyberCrime & Doing Time blog here.

The Mega-D zombie network was infamous as a source of spam prior to a January 2009 takedown operation mounted by security firm FireEye, which failed to kill off the botnet entirely but did at least drastically reduce its output since. Security vendors welcomed the arrest of Nikolaenko as the final nail in the Mega-D coffin, while warning other spam-spewing zombie networks have risen to take its place.

Joe Stewart, director of malware analysis at security tools firm SecureWorks, commented: "Before being disrupted by FireEye, Mega-D rivalled Cutwail and Rustock as one of the top three spam botnets in the world. In 2009, the botnet was capable of sending 16 billion spam messages per day.

"Between FireEye's efforts and the arrest of Nikolaenko, Mega-D has finally been put out of commission. However, other botnets are already filling the void left by Mega-D, showing that we still have a long way to go in the fight against spam." ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
Webcam hacker pervs in MASS HOME INVASION
You thought you were all alone? Nope – change your password, says ICO
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Meet OneRNG: a fully-open entropy generator for a paranoid age
Kiwis to seek random investors for crowd-funded randomiser
USB coding anarchy: Consider all sticks licked
Thumb drive design ruled by almighty buck
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.