• 19 Jul
    Spam Nation

    Spam Nation is a non-fiction book written by Brian Krebs, a well known journalist and the author of the blog. The book's primary focus is on the cybercrime coming from the post-Soviet states, especially related to spam. The main story line revolves around Pavel Vrublevsky and Igor Gusev, two partners in crime who, like in a classic gangster flick, become enemies and start an all out war of attrition - “Pharma Wars”. Bribing politicians, hiring FSB agents, hacking and leaking each other's databases anything goes in this personal fight. Along the way you will learn about the inner workings of the massive spam operations and the political, criminal, financial, and social forces that drive them.

    Below are brief summaries for the 12 chapters and the appendix. I tried to avoid too many spoilers, but you can still get a good idea of what you can expect to learn from the book:

    Chapter 1 – Parasite

    The first chapter gives us a bird's eye view on the state of the spammer world. It discusses the key players, spammer communities, and events that are discussed in depth later in the book. The chapter also offers a brief summary of the exact causes for the explosion of spam and the most effective methods to combat it.

    Chapter 2 – Bulletproof

    Provides detailed information about the rise and fall of several “bulletproof” networks/hosting providers and people behind them. It was particularly fascinating to read about just how much these networks are intertwined with both organized crime and corrupt law enforcement to both ensure their survival and deal with any unwanted competition.

    Chapter 3 – The Pharma Wars

    Introduces the main subject of the book - “Pharma Wars”, a feud between Pavel Vrublevsky and his ex-partner Igor Gusev. Both Vrublevsky and Gusev were operators of competing online pharmaceutical stores, payment processors, and corresponding spamming operations. The chapter discusses the incredible lengths the two would go to eliminate each other.

    Chapter 4 – Meet the Buyers

    The author takes a step back from the main story to discuss what drives the buyers to purchase potentially dangerous medication from unlicensed online pharmacies. The chapter has several striking accounts from a few of such buyers in the United States. Alarmingly, we learn that these buyers were driven to online pharmacies to purchase prescribed medication they would not have been able to afford due to extremely high medication costs and insufficient health insurance coverage.

    Chapter 5 – Russian Roulette

    Continues from the previous chapter's focus on the consumer. While the chapter opens with a cautionary tale of a death caused by the purchase of fraudulent prescription medication online, further investigation has a completely opposite conclusion: the vast majority of the prescription drugs ordered from online pharmacies are far cheaper and no less safe than the same pills ordered through a local pharmacy.

    Chapter 6 – Partner(kas) in (Dis)organized Crime

    Discusses how online pharmacies are driving spammer operations to market their products through various affiliate programs called “partnerka”s in Russian. The spammers in turn drive large botnets and malware development in order to distribute the spam.

    Chapter 7 – Meet the Spammers

    This chapter discusses the profiles of the most notorious spammers in the world and the botnets they operate. It was interesting to learn how the operators of these botnets often hired teams of well payed programmers to support them.

    Chapter 8 – Old Friends Bitter Enemies

    In this chapter we go back to the Pharma Wars story. We learn how Vrublevsky and Gusev first met and their brief partnership when they launched a credit card processor, ChronoPay. After the two parted ways, both Vrublevsky and Gusev establish competing online pharmacies and the corresponding spamming communities. The rest is a story of the two men stopping at nothing to hurt each other using anything at their disposal.

    Chapter 9 – Meeting in Moscow

    Covers the author's meeting with Vrublevsky in Moscow. It was interesting to read about Vrublevsky's lavish lifestyle and his dismissal of any wrongdoings even when confronted with evidence that proves otherwise.

    Chapter 10 – The Antis

    We steps back from the main story to talk about the Anti-Spammer community that includes both corporations and volunteer vigilantes. The chapter has an interesting story of a company, Blue Security, that was trying to take a more active role in their fight against spam and the disastrous effect it had when the spammers engaged in an all out warfare against this company.

    Chapter 11 – Takedown

    Talks about the end of the golden-age of spam helped by a more active industry and government involvement. The chapter discusses a series of arrests and takedowns of spammer botnets, bulletproof hosts, registars, and money-laundering networks.

    Chapter 12 – Endgame

    In the culmination of the Pharma Wars, this chapter discusses Vrublevsky's arrest and prison sentence as well as Gusev's near escape from Russia to avoid prosecution. We also learn about cybercriminals' experiments to adapt their operations to extract profit from ransomware, data theft malware, black SEO, and other innovative forms of online crime.

    Epilogue – A Spam-Free World: How You Can Protect Yourself from Cybercrime

    A highly practical collection of tips and tricks on how to best protect yourself online . The chapter educates users on how to choose good passwords, keeping software up to date and minimizing exposure to online threats.

    Overall I really enjoyed the book. Clearly the author has spent a considerable time researching the material and sifting through large collections of evidence to present a truly definitive account on the spamming operations and the people running them. I liked how the author tried to instil the responsibility for the safety of the Internet as a whole begins with the safety of its individual users. On the other hand, the book could have used a bit more editing and polish. For example, the placement of chapters not specifically dealing with the Pharma Wars is often distracting to the reading flow. That said the content itself more than makes up for any minor issues and I eagerly await Brian's next major work.

    Special Note

    Hidden inside Spam Nation is an inspirational story about the author's escape from the clutches of the corporate bureaucracy to pursue the path on his own terms, to do what he liked doing best. Congratulations on making the right choice and thank you for this work.



    ida patcher

    Size 6.0 KB
    DateSeptember 13th, 2014

    IDA Patcher is a plugin for Hex-Ray's IDA Pro disassembler designed to enhance IDA's ability to patch binary files and memory. The plugin is useful for tasks related to malware analysis, exploit development as well as bug patching. IDA Patcher blends into the standard IDA user interface through the addition of a subview and several menu items. Read more.


    Size 6.8 MB
    DateAugust 3rd, 2016

    FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows (and Linux, for certain modes of operation). FakeNet-NG is based on the excellent Fakenet tool developed by Andrew Honig and Michael Sikorski.

    The tool allows you to intercept and redirect all or specific network traffic while simulating legitimate network services. Using FakeNet-NG, malware analysts can quickly identify malware's functionality and capture network signatures. Penetration testers and bug hunters will find FakeNet-NG's configurable interception engine and modular framework highly useful when testing application's specific functionality and prototyping PoCs. Read more.


    Download Not Available
    Size Not Available
    DateJuly 26th, 2017

    FLARE VM is a fully customizable, Windows-based security distribution for malware analysis, incident response, penetration testing, etc. Read more.


    Size 2.5 MB
    DateNovember 6th, 2014

    DNSChef is a highly configurable DNS Proxy for Penetration Testers and Malware Analysts. It is capable of fine configuration of which DNS replies to modify or to simply proxy with real responses.

    Version 0.3 introduces support for more DNS record types, DNSSEC, logging, more configurable remote nameservers, support for the updated dnslib library and several bug fixes.

    Version 0.2 introduces IPv6 support, large number of new DNS record types, custom ports and other frequently requested features. Read more.


    All original content on this site is copyright protected and licensed under Creative Commons - Attribution, NonCommercial, ShareAlike 4.0 International.