
That smarts! ‘Brain Food’ spam botnet malware found on thousands of websites

A spam campaign called Brain Food has been feeding email recipients a steady diet of junk messages containing links to pages promoting bogus intelligence-boosting supplements and diet pills. And for the last four months, the PHP-based botnet malware behind the operation has been observed by researchers on more than 5,000 compromised websites using various content management systems and hosting companies.

According to a Proofpoint blog post published late last week, Brain Food is "usually the second step in a chain of redirections" that begins with a goo.gl or bit.ly URL shortener link. Victims are ultimately sent to a landing page that often contains stolen branding and falsely claims the product appeared on Shark Tank.

Proofpoint reports that the PHP script hides from antivirus products, researchers and search engine crawlers using cloaking code, polymorphic code, and obfuscation. "When crawled, the script redirects to the correct page, delays five seconds and redirects to the root of the compromised domain, delays and returns nothing, or redirects to the Unicef website," the blog post states, noting that the botnet's operators are actively monitoring the script's activity, and can switch to new landing pages to blacklist new URLs as needed in order to stay under the radar.

Additionally, says Proofpoint, there is a backdoor in the code that enables "remote execution of shell code on web servers which are configured to allow the PHP 'system' command."
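As an added example (not from Proofpoint's report or this article), the following Python check audits a php.ini for the condition the backdoor depends on: whether `system` is left callable. It goes beyond the article by also checking PHP's other command-execution functions, and the sample configurations are constructed for illustration.

```python
# PHP functions that run OS commands. The article names only `system`;
# the others are included on the assumption that they deserve the same treatment.
EXEC_FUNCTIONS = ("system", "exec", "shell_exec", "passthru", "popen", "proc_open")

# Constructed sample: a partial list that still leaves `system` callable.
SAMPLE_WEAK = """\
[PHP]
disable_functions = exec, shell_exec  ; partial list
"""

# Constructed sample: every command-execution function is disabled.
SAMPLE_HARDENED = """\
[PHP]
;disable_functions = exec
disable_functions = "system,exec,shell_exec,passthru,popen,proc_open"
"""


def disabled_functions(ini_text):
    """Return the names listed in the effective disable_functions directive."""
    value = ""
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line.startswith((";", "[")):
            continue  # blank line, comment, or section header
        key, sep, val = line.partition("=")
        if not sep or key.strip().lower() != "disable_functions":
            continue
        # Drop a trailing comment and surrounding quotes. Assumption: when the
        # directive appears more than once, the later occurrence overrides.
        value = val.split(";", 1)[0].strip().strip("\"'")
    # PHP function names are case-insensitive, so compare in lower case.
    return {name.strip().lower() for name in value.split(",") if name.strip()}


def exposed_exec_functions(ini_text):
    """List command-execution functions the configuration leaves callable."""
    disabled = disabled_functions(ini_text)
    return [name for name in EXEC_FUNCTIONS if name not in disabled]


if __name__ == "__main__":
    for label, text in (("weak", SAMPLE_WEAK), ("hardened", SAMPLE_HARDENED)):
        print(label, "->", exposed_exec_functions(text) or "none exposed")
```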

Bradley Barth

As director of community content at CyberRisk Alliance, Bradley Barth develops content for SC Media online conferences and events, as well as video/multimedia projects. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
