Readers like you keep news free for everyone.

More than 5,000 readers have already pitched in to keep free access to The Journal.

For the price of one cup of coffee each week you can help keep paywalls away.

Support us today
Not now
Friday 8 December 2023 Dublin: 9°C
Shutterstock/Jeff Wasserman
be careful

A lone hacker is earning up to €91,000 per month just by sending emails

And he may not even have great computer skills.

A LONE HACKER is earning between €55,000 and €91,000 per month by using an automated attack tool to send around one million spam emails a day, according to researchers from security firm Trustwave.

The emails contain links to bogus products and services, which some receivers respond to and send money. The money is directed back to the hacker. 

The hacker is using an RIG exploit kit to infect computers, Trustwave researchers said.  

Exploit kits are attack tools commonly traded on underground online black markets that let criminals, who may not have strong computer skills, mount cyber attacks.

Trustwave researchers reported detecting a growth in the number of RIG exploit kit infections in a threat advisory, noting that the attack tool is being used to infect over 27,000 computers per day.

The rise in infections happened after the creator of RIG released an upgrade for the attack tool. Trustwave said the majority of the attacks are spreading malware.

“Generally speaking, RIG 3.0 customers deliver various payloads through RIG, each depending on a specific customer, but the distinct top payload delivered here is the Tofsee spambot,” read the threat advisory.

A spambot is a form of malware that enslaves victim computers and forces them to send spam messages. Trustwave reported the majority of the infections stem from one RIG exploit kit user codenamed Customer X.

Customer X manages to infect about 500,000 machines per month with the Tofsee payload. The going rate for spam campaigns is approximately $0.50 USD per 1,000 successfully sent emails.

“This particular payload of Tofsee was observed in our labs attempting to send approximately one million emails per day from a single bot, of which about 2,000 emails were successfully sent.”

Trustwave estimates the attacks are earning Customer X up to €91,000 per month.

Combating exploit kits is an ongoing goal of the US Federal Bureau of Investigation (FBI) and UK National Crime Agency.

The FBI led an international takedown operation against a hacking forum known to be distributing exploit kits,known online as Darkode, in July.

A new, more secure, version of Darkode appeared less than two weeks after the operation. It is believed to be run by one of the old site’s administrators.

‘Profoundly stupid’: Young man makes Intel hoax bomb call to get his friend out of working

WATCH: Americans try to find Ireland on a map, and it doesn’t go well

Published with permission from
Business Insider
Your Voice
Readers Comments
    Submit a report
    Please help us understand how this comment violates our community guidelines.
    Thank you for the feedback
    Your feedback has been sent to our team for review.