direct mailer from yellsoft has had back door for 5 years - GoFuckYourself.com

crockett · 05-02-2015, 02:20 PM

Unnoticed for years, malware turned Linux and BSD servers into spamming machines

These guys were selling anonymous spamming software but also leaked a pirated copy of their own software. In this pirated copy they had a black door which turned Linux and BSD servers into spam bots.

They were able to keep it going for 5 years with out getting caught until now.

A snippet from the article..

Quote:

The price of the software is $240, but interestingly enough, there is a link to a site offering a "cracked" version of DirectMailer. The developers explicitly say that they don't provide technical support for users of pirated versions of DirectMailer downloaded from that site or any other, but the fact that they provide a direct link is strange.

"Why would you want to show where to steal your software?" asks Leveille, and comments that it is this, and the facts that Yellsoft’s homepage seems to be hosted on the same server as Mumblehard’s backdoor and spammer C&C server and that the pirated DirectMailer and Mumblehard’s spammer share code what makes them suspect they are the same group.

The pirated DirectMailer copies contain the Mumblehard backdoor, and when users install them, they give the operators a backdoor to their servers, and allow them to send spam from and proxy traffic through them.

I wondered whether the original DirectMailer software contained the backdoor, too, but Leveille couldn't answer that question for me.

"We do not know if the paid-for version of DirectMailer also include the backdoor or not. We did not, and didn’t want to, buy software from Yellsoft," he noted. "If anyone has a paid copy they are willing to send us, we’d be glad to analyze it and confirm if the backdoor is present."

What's worrying, he says, is that the Mumblehard operators have been active for many years without disruption.

EddyTheDog · 05-02-2015, 02:24 PM

Quote:

Originally Posted by crockett

Unnoticed for years, malware turned Linux and BSD servers into spamming machines

These guys were selling anonymous spamming software but also leaked a pirated copy of their own software. In this pirated copy they had a black door which turned Lexus and BSD servers into spam bots.

They were able to keep it going for 5 years with out getting caught until now.

I am going to use my physic powers - You have been looking at car sites today...

Maybe Toyota or wait, Lexus?....

Damn, I'm good...

MaDalton · 05-02-2015, 02:34 PM

05-02-2015, 02:34 PM	#3
MaDalton I am Amazing Content! Industry Role: Join Date: Feb 2004 Posts: 39,821	__________________ AmazingContent.com - providing only the best content and service since 2003 Monetize your content on Veegaz.com - one of Germanies largest VOD sites Got German traffic? We convert it into money for you! Skype: madalton02826 - Email: oltecconsult [at] gmail [dot] com