Top Spam Kingpin Arrested

Spam King Gone, Spam Rolls On

The takedown of the massive “Mega-D” botnet may put a temporary dip in people’s daily spam intake, but a security researcher involved in the federal investigation says the reprieve won’t last for long.

Joe Stewart, the director of malware analysis at SecureWorks, assisted the FBI in its criminal investigation that led to the arrest this week of Moscow resident Oleg Nikolaenko, the 23-year-old mastermind of the Mega-D botnet, a network of about 500,000 PCs capable of spewing 10 billion spam e-mails a day. He was arrested in the U.S. on his way to attend a car show in Las Vegas.

Nikolaenko had been targeted by federal investigators and security researchers for nearly four years for running the massive botnet which helped shill herbal male enhancement pills, generic prescription drugs, fake Rolex watches and counterfeit handbags. At times, the botnet accounted for one-third of all spam sent worldwide.

Mega-D spam came from 4docent@gmail.comThis e-mail address is being protected from spambots. You need JavaScript enabled to view it , which investigators tied to an account registered in Nikolaenko’s name with an address in Moscow, reported the security blog Krebs on Security.

Stewart, who had been tracking Mega-D for years, was responsible for analyzing the files found in the Gmail inbox, and confirmed to the FBI that they were in fact Mega-D malware.

Today (Dec. 3), Nikolaenko pleaded not guilty to charges that he violated the CAN-SPAM act. He is being held without bond, and is due in court on Dec. 21 for a scheduling conference, reported

But the takedown of one kingpin means another one will pop up soon, Stewart said.

"We will see a decrease of spam in the short term," Stewart told SecurityNewsDaily. "But even if the guy gets taken off the radar, there are still plenty of other spammers cranking up their operations. At some point the gap is filled."

Thought it was a significant win for the security good guys, Nikolaenko’s arrest amounts to a high-scoring hit in a large-scale game of Whack-a-Mole: one head gets bopped down, another pops up somewhere else.

"Whack-a-Mole is how we describe what we’re doing in the security field, and it’s a little bit frustrating," Stewart told SecurityNewsDaily. Although, to his and the FBI’s credit, Stewart added, “There’s lot of spammers, but there are only a so many that are going to work at this level. This guy was a pretty big mole."

For people truly invested in the world of cybercrime, Nikolaenko’s arrest -- while frightening and high-profile -- will probably not deter others from taking over where he left off.

"There are still sponsors out there needing people to sell their products, and plenty of botnet operators looking to take them on," Stewart said. "There’s lots of money to be made in this business -- all you need to do is have some decent programming skills and build a program that you can run hidden on a computer. One person can do that and make a lot of money, so it’s obviously very enticing."