Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

New Tool Automates Spam

Cheap software promises to post 1,100 messages to Web forums in less than 15 minutes



Just when you thought you had that spam under control: There's a new, inexpensive software package out that helps spammers send out their messages -- and frequently, malware -- at record speeds.

Security researchers at Panda Labs yesterday reported that they have spotted the sale of a new tool called XRumer that promises to help spammers get their messages out to larger numbers of users in less time than ever before.

XRumer, which retails for $450, automates the process of registering, logging onto and posting messages on online forums and Websites that accept comments. The software could help a spammer post a message to myriad online communities, including blogs, wikis, or guestbooks. It is capable of responding to many types of "captcha" images that are designed to prevent automated postings, according to Botmaster, which sells the program.

XRumer works with another Botmaster application, Hrefer, a $50 tool that seeks out forums and other Web pages where public comments are accepted. Hrefer finds the pages that can accept the spam messages, and XRumer handles the registration and posting of those messages, Botmaster says. Working together, the tools also give spammers a list of proxies that they can use to hide their originating IP addresses.

Although Panda Labs is reporting XRumer as a security threat, Botmaster's Website contends that the software breaks no laws.

"In no way does XRumer act like a spam-bot," Botmaster says. "Spam is defined in legislation as unsolicited email, whereas XRumer simply posts messages created by users, which cannot be illegal, providing the user does not [post] anything prohibited by the law." Most anti-spam laws only apply to messages sent to users' email boxes, not to public forums where users read and submit messages voluntarily, Botmaster maintains.

Forum moderators and Webmasters can usually remove spam messages, but XRumer is set up to avoid automated systems that filter "offtopic" messages, Botmaster says.

Panda Labs warns enterprises that online comment pages and forums are becoming increasingly popular targets. "It has become more and more usual to see Websites -- forums, blogs, wikis, guestbooks, etc. -- that contain advertising comments or links that direct users to sites that infect their systems with malware," the security vendor says.

— Tim Wilson, Site Editor, Dark Reading

  • Panda Software Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Oldest First  |  Newest First  |  Threaded View
    7 Tips for Infosec Pros Considering A Lateral Career Move
    Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2020
    For Mismanaged SOCs, The Price Is Not Right
    Kelly Sheridan, Staff Editor, Dark Reading,  1/22/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Current Issue
    IT 2020: A Look Ahead
    Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
    Flash Poll
    How Enterprises are Attacking the Cybersecurity Problem
    How Enterprises are Attacking the Cybersecurity Problem
    Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2015-3154
    PUBLISHED: 2020-01-27
    CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email.
    CVE-2019-17190
    PUBLISHED: 2020-01-27
    A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the...
    CVE-2014-8161
    PUBLISHED: 2020-01-27
    PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message.
    CVE-2014-9481
    PUBLISHED: 2020-01-27
    The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.
    CVE-2015-0241
    PUBLISHED: 2020-01-27
    The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric ...