«
»

Webwail Botnet and MSN

2010/09/08, 11:19 pm

Today, I made a BIG video of the process that Webwail register new MSN account for its spam purpose.

Above is only one function of Webwail Botnet, its main purpose is send spam from those pre-registered MSN accounts. I’ll make another video on that.

Webwail Reg MSN Routine:

1. Retrieve pre-defined MSN user info from C&C server

2. Fill the register form

3. Change to Audio CAPTCHA

4. Send CAPTCHA to resolving server

5. Fill the CAPTCHA

6. Login the new registered MSN account to verify

7. Wait for next user info.

From my Pushdo/Cutwail/Webwail Botnet Tracker DB(I can’t give a precise number,simply because the number is increasing everyday)

1.  8K+ MSN accounts are used to send spam.

2.  20K+ pre-defined MSN user informations which will be used for register MSN accounts.

3.  200+ spam templates

I’ll give a presentation about Webwail Botnet in VB100 conference

The Webwail botnet: a reputation-based filter killer – http://www.virusbtn.com/conference/vb2010/abstracts/Yang.xml

-Kyle Yang

Tags: ,
Category: Botnet Researching  |  Comment (RSS)  |  Trackback

Leave a Reply