Spamming for Ron Paul

By Matthew Harwood

Over at's Threat Level blog is an interesting story featuring a Ukrainian botnet, a spamming campaign, and the Republican candidate for president, Ron Paul.

Apparently this October, a Ukrainian botnet was used to send millions of spam messages stumping for Paul to over 162 million e-mail addresses, although many of the addresses were bad or outdated.

A researcher at SecureWorks has traced the October flood of deceptive spam promoting Republican presidential candidate Ron Paul to a criminal botnet of compromised computers run out of Ukraine, which was rented for the three-day job.

"While the total count of Ron Paul spam messages that actually landed in peoples' inboxes can't be known, it certainly was received by millions of recipients," writes security researcher Joe Stewart, in a SecureWorks report. "All this was done using around 3,000 bots."

The motivation for the Ron Paul spam is not known. It could have been an attempt by a misguided Ron Paul supporter to help his favored candidate or it could have been an attempt to draw negative attention to the candidate, says the Ron Paul campaign.

Paul's supporters are known for their web savviness, leveraging the power of the Internet to spread Paul's name on blogs and popular social networking Web sites like Myspace. And on November 5, Ron Paul's campaign raised over $4 million dollars online, the biggest haul using the Internet ever.

The spamming was perpetrated by a spammer-for-hire named "nenastnyj," according to the SecureWorks report, who used Reactor Mailer, a web-based interface that conveniently allows spammers to manage their campaigns. The political nature of the spam was a departure for both nenastnyj and Reactor Mailer, who typically travel in the standard spam fare of fake watches and pharmaceuticals.


View Recent News (by day)


Beyond Print

SM Online

See all the latest links and resources that supplement the current issue of Security Management magazine.