Tofsee Botnet Distributes Spam Containing Pharmaceutical and Dating Web-Links


Talos reports that Tofsee, a multi-purpose malicious program, has been prowling the web for many years, infecting systems since at least 2013. The program contains several modules that carry out different activities, such as sending spam, committing click fraud, harvesting digital currencies and more. Computers that Tofsee infects are added to the Tofsee botnet, where they are made to distribute huge volumes of spam so that more computers are infected, enlarging the botnet's overall size.

When the Tofsee botnet sends spam, it generally delivers pharma-related e-mails and adult-dating e-mails aimed at those searching for Russian brides.

According to Cisco, for the greater part of its existence the Tofsee group of attackers used the RIG attack toolkit to infect users with its malicious program, Softpedia.com reported on September 29, 2016.

Edmund Brumaghin, a security researcher with Talos, blogs that e-threats keep evolving into newer forms because attackers keep using different methods to distribute their harmful wares. Moreover, threat actors keep working to widen their presence by piggybacking on the unprecedented rise in the total number of Internet users and devices, he adds.

Earlier in 2016, Talos discovered the RIG ET serving the Tofsee malicious program to hijacked endpoints with the aid of malvertising. At present, however, it seems the botnet's controller is no longer employing passive techniques.

New bots necessarily have to be added each day, since earlier ones are blacklisted and added to spam lists, or are eliminated from the network. RIG, meanwhile, gained a bigger market share following damage to Neutrino, another exploit kit. The Tofsee operators were thus compelled to use their own spam botnet to send spam containing Tofsee. At one point in its operation, the botnet was compelled to demolish itself in order to stay alive and generate fresh bots.

While the Tofsee botnet has long been known for sending junk e-mail, those e-mails have traditionally contained web links leading to 'pharmaceutical' and 'adult-dating' sites. The botnet is now using malicious attachments that work as malware downloaders, an operation that has risen in volume and speed.

» SPAMfighter News - 10/4/2016
