14 DAY TRIAL // Remember those annoying spam messages concerning the US presidential candidate Ron Paul? Well, it seems like all the messages were sent from somewhere in Eastern Europe, as the security experts managed to shut down a network and analyze its software, "PC Advisor" reports today. Although Ron Paul denied any connection with the spammers, the congressman was still afraid that this could affect his image, since the messages have been sent through infected computers, exploited without the users' knowledge. Just like in any other botnet, the computers were infected with a Trojan horse, identified as Trojan.Srizbi, in order to compromise the operating system and make them part of the network.
"It probably wasn't even set up by a Ron Paul supporter. This whole system has been around since 2004. This [spam] somehow just landed in this underground spam economy," Joe Stewart of SecureWorks told PC Advisor.
What's more interesting is that the spamming campaign was started from somewhere in the United States, but was conducted through a company owned by an Ukrainian man. It seems like he managed to infect no less than 3,000 computers. The US network, located in the United States, has been discovered by the security researchers and blocked in November, in order to analyze the software and discover its connections.
It appears that the Ukrainian spammer, nicknamed 'spm', rented his botnet to 'nenastnyj' who sent numerous spam messages all over the world, "PC Advisor" continued. The SecureWorks expert believes 'nenastnyj' "paid 'spm' between $100 and $1,000 to send out the Ron Paul mailing," as the same source added.
"Nenastnyj appears just to be a small-time spammer who doesn't write the spam software. Basically he just makes money by finding sponsors and then becoming a mailer for them and using someone else's mail service to send it," Joe Stewart commented.