“Russian hackers” have learned to send spam bypassing protection. The program sells well on the darknet

The Russian-language darknet sells a program that allows you to distribute spam messages bypassing traffic and email protection tools. The program operates a function in the IMAP protocol.

The main thing is to hack in advance

A new tool for spammers is being actively sold on the darknet, which allows bypassing the standard protection of e-mail accounts: by exploiting the function in the Internet Message Access Protocol (IMAP), attackers upload the messages they need directly to the mailboxes of victims.

To trigger an attack, it is necessary that the attackers already have access to the victim’s account. The Email Appender malware has been actively promoted on Russian-language hacker forums since the fall of 2020, as evidenced by the screenshot provided by the Bleeping Computer publication.

The author suggests using the program through a subscription — $50 for one day, $300 for a week or $1000 per month. This is very expensive, but judging by recent campaigns, the demand for this service is very high.