2023-06-07 17:45:10
2023-06-07 17:45:07
2023-06-06 20:15:26
1584864
One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to constantly create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam and account creation campaigns, by paying people to sell their email account credentials and letting customers temporarily rent access to a vast pool of established accounts at major providers.
The service in question — kopeechka[.]store — is perhaps best described as a kind of unidirectional email confirmation-as-a-service that promises to “save your time and money for successfully registering multiple accounts.”
As a customer of this service, you don’t get full access to the email inboxes you are renting. Rather, you configure your botnet or spam machine to make an automated application programming interface (API) call to the Kopeechka service, which responds with a working email address at an email provider of your choosing.
Once you’ve entered the supplied email address into the new account registration page at some website or service, you tell Kopeechka which service or website you’re expecting an account confirmation link from, and they will then forward any new messages matching that description to your Kopeechka account panel.
Ensuring that customers cannot control inboxes rented through the service means that Kopeechka can rent the same email address to multiple customers (at least until that email address has been used to register accounts at most of the major online services).
Kopeechka also has multiple affiliate programs, including one that pays app developers for embedding Kopeechka’s API in their software. However, far more interesting is their program for rewarding people who choose to sell Kopeechka usernames and passwords for working email addresses.
This service was recently used by a large botnet that mass-registered thousands of new Mastodon accounts in a short period, briefly overwhelming new signups last month on some Mastodon communities.
A huge note of thanks once again to @renchap for a heads up about this service.
More here:
https://krebsonsecurity.com/2023/06/service-rents-email-addresses-for-account-signups/
The service in question — kopeechka[.]store — is perhaps best described as a kind of unidirectional email confirmation-as-a-service that promises to “save your time and money for successfully registering multiple accounts.”
As a customer of this service, you don’t get full access to the email inboxes you are renting. Rather, you configure your botnet or spam machine to make an automated application programming interface (API) call to the Kopeechka service, which responds with a working email address at an email provider of your choosing.
Once you’ve entered the supplied email address into the new account registration page at some website or service, you tell Kopeechka which service or website you’re expecting an account confirmation link from, and they will then forward any new messages matching that description to your Kopeechka account panel.
Ensuring that customers cannot control inboxes rented through the service means that Kopeechka can rent the same email address to multiple customers (at least until that email address has been used to register accounts at most of the major online services).
Kopeechka also has multiple affiliate programs, including one that pays app developers for embedding Kopeechka’s API in their software. However, far more interesting is their program for rewarding people who choose to sell Kopeechka usernames and passwords for working email addresses.
This service was recently used by a large botnet that mass-registered thousands of new Mastodon accounts in a short period, briefly overwhelming new signups last month on some Mastodon communities.
A huge note of thanks once again to @renchap for a heads up about this service.
More here:
https://krebsonsecurity.com/2023/06/service-rents-email-addresses-for-account-signups/
Service Rents Email Addresses for Account Signups
One of the most expensive aspects of any cybercriminal operation is the time and effort it takes to create large numbers of new throwaway email accounts. Now a new service offers to help dramatically cut costs associated with large-scale spam…krebsonsecurity.com
This entry was edited (1 year ago)
BrianKrebs
•I'm lacking some current stats on this, but did find some interesting parallels in a 2011 study by UCSD which showed that the prices for Hotmail accounts were WAY cheaper in bulk than Gmail or even Yahoo accounts, primarily because there were fewer speedbumps to opening a new email account with them, so they had more available.
https://krebsonsecurity.com/wp-content/uploads/2011/07/sec11-final186.pdf
Fast-forward to the botnet powered mass registrations on Mastodon.social and elsewhere last month, and we can see that the vast majority of the email accounts used to register new accounts were hotmail.com. I don't think that's an accident. Spammers go where it's cheapest and easiest. #... show more
I'm lacking some current stats on this, but did find some interesting parallels in a 2011 study by UCSD which showed that the prices for Hotmail accounts were WAY cheaper in bulk than Gmail or even Yahoo accounts, primarily because there were fewer speedbumps to opening a new email account with them, so they had more available.
https://krebsonsecurity.com/wp-content/uploads/2011/07/sec11-final186.pdf
Fast-forward to the botnet powered mass registrations on Mastodon.social and elsewhere last month, and we can see that the vast majority of the email accounts used to register new accounts were hotmail.com. I don't think that's an accident. Spammers go where it's cheapest and easiest. #microsoft #hotmail #spam
Of course, when it comes to the value of a *hacked* inbox (i.e. one that actually was used by a human at some point and not solely created for abuse), the value can be enormous.
https://krebsonsecurity.com/2017/12/the-market-for-stolen-account-credentials/
https://krebsonsecurity.com/2013/06/the-value-of-a-hacked-email-account/
The Market for Stolen Account Credentials
krebsonsecurity.com