Spammers get bullish on stocks

Pump-and-dump pumped


A week before Christmas, Diamant Art seemingly got a holiday bonus: On 18 December, the small Canadian maker of plastic food wrap saw its sub-penny stock price triple from 0.08 cents to a peak of 0.25 cents while trading in shares of the firm skyrocketed.

Yet, the price boost was not driven by good news issued by the company but a massive unsolicited email campaign sent from a host of computers - a botnet - compromised by a difficult-to-detect Trojan horse program known as Rustock. Each computer received an image touting the stock that had been designed to foil anti-spam software and started sending out email messages with the attachment.

The activity is part of the latest internet age pump-and-dump stock scheme. The people involved typically buy stock at a low price, use a bulk email campaign to pump up prices, and then sell - or dump - the stock at the higher price. Because many companies touted by such spam are immediately suspected of involvement in the promotion, Diamant Art went on the defensive and quickly released a press release disavowing the campaign.

"The corporation has again found itself the victim of persons or of self-proclaimed investment advisors who issue spam email (using information) they acquire...directly from public domain sources or public speculation (and) purporting to come from the Corporation," Diamant Art stated in a press release issued on the same day (The company did not respond to requests for comment).

Companies will likely have to keep on issuing such statements.

A year ago, stock spam made up only about five per cent of all spam email messages, according to email service provider MessageLabs. Now, stock spam is on a trajectory to become the biggest category in unsolicited email marketing, with 35 per cent or more of spam touting a stock, according to the firm.

Anti-virus firm Symantec - the owner of SecurityFocus - has also noted the trend, finding that the monthly fraction of spam dedicated to stocks varies between 20 and 40 per cent.

The increasing popularity of stock-touting spam is also notable because the total amount of spam - driven by bot net activity - is on the rise. While a Christmas drop in the number of compromised PCs appears to have led to a general drop in spam volume, the number of PCs coopted by botnets for use in spamming operations continues to increase.

Of course, the rise of stock spam should come as no surprise.

Stock spam tends to boost prices, though the average gain is far more modest than the trebling in price for Diamant Art. Last year, two researchers studied 93 stocks touted by unsolicited email and found that the price increased by 1.7 per cent on average on the day the spam was first received. On the following day, the stock price dipped 0.9 per cent on average and then rose by that same amount on the second day.

Such minuscule gains are now more the rule than the exception, said John Reed Stark, chief of the Office of Internet Enforcement at the US Securities and Exchange Commission (SEC).

"Stocks do go up because of spam in some cases," Stark said. "In the early days, the price changes were more like 15 cents to $15. Now I don't see the significant price jumps that we use to see."

Yet, stock spammers are becoming more savvy about the practice. While the overwhelming majority of email touting the stocks of specific companies are fraudulent and violate securities regulations, the spammers do at least attempt to dress up the emails in the trappings of legality.

"The spam in the early days - by which I mean the late 1990s - used to contain blatant falsehoods," Stark said. "It was very easy to prove the false statements. Now, the spammers aren't as bold in their projections and use disclosures to attempt to appear legitimate."

Moreover, the programs used to send spam are evolving as well. Pump-and-dump spam campaigns are increasing sent by computers that have been compromised by bot software - programs that turn a victim's system into a component of a massive network that can be remotely commanded.

In the Diamant Art pump-and-dump campaign, a bot program - dubbed Rustock and flagged by anti-virus firms as the latest advanced threat - was used to compromise PCs.

In many cases, the exact means that spammers use to send out stock-touting email is unknown, but this time, south of the Canadian border in the United States, a security researcher witnessed the entire attack.


Other stories you might like

  • Prisons transcribe private phone calls with inmates using speech-to-text AI

    Plus: A drug designed by machine learning algorithms to treat liver disease reaches human clinical trials and more

    In brief Prisons around the US are installing AI speech-to-text models to automatically transcribe conversations with inmates during their phone calls.

    A series of contracts and emails from eight different states revealed how Verus, an AI application developed by LEO Technologies and based on a speech-to-text system offered by Amazon, was used to eavesdrop on prisoners’ phone calls.

    In a sales pitch, LEO’s CEO James Sexton told officials working for a jail in Cook County, Illinois, that one of its customers in Calhoun County, Alabama, uses the software to protect prisons from getting sued, according to an investigation by the Thomson Reuters Foundation.

    Continue reading
  • Battlefield 2042: Please don't be the death knell of the franchise, please don't be the death knell of the franchise

    Another terrible launch, but DICE is already working on improvements

    The RPG Greetings, traveller, and welcome back to The Register Plays Games, our monthly gaming column. Since the last edition on New World, we hit level cap and the "endgame". Around this time, item duping exploits became rife and every attempt Amazon Games made to fix it just broke something else. The post-level 60 "watermark" system for gear drops is also infuriating and tedious, but not something we were able to address in the column. So bear these things in mind if you were ever tempted. On that note, it's time to look at another newly released shit show – Battlefield 2042.

    I wanted to love Battlefield 2042, I really did. After the bum note of the first-person shooter (FPS) franchise's return to Second World War theatres with Battlefield V (2018), I stupidly assumed the next entry from EA-owned Swedish developer DICE would be a return to form. I was wrong.

    The multiplayer military FPS market is dominated by two forces: Activision's Call of Duty (COD) series and EA's Battlefield. Fans of each franchise are loyal to the point of zealotry with little crossover between player bases. Here's where I stand: COD jumped the shark with Modern Warfare 2 in 2009. It's flip-flopped from WW2 to present-day combat and back again, tried sci-fi, and even the Battle Royale trend with the free-to-play Call of Duty: Warzone (2020), which has been thoroughly ruined by hackers and developer inaction.

    Continue reading
  • American diplomats' iPhones reportedly compromised by NSO Group intrusion software

    Reuters claims nine State Department employees outside the US had their devices hacked

    The Apple iPhones of at least nine US State Department officials were compromised by an unidentified entity using NSO Group's Pegasus spyware, according to a report published Friday by Reuters.

    NSO Group in an email to The Register said it has blocked an unnamed customers' access to its system upon receiving an inquiry about the incident but has yet to confirm whether its software was involved.

    "Once the inquiry was received, and before any investigation under our compliance policy, we have decided to immediately terminate relevant customers’ access to the system, due to the severity of the allegations," an NSO spokesperson told The Register in an email. "To this point, we haven’t received any information nor the phone numbers, nor any indication that NSO’s tools were used in this case."

    Continue reading

Biting the hand that feeds IT © 1998–2021