For 40 bucks, anyone can send Jabber spam.
Spam isn't just for emails. Drug dealers, credit card thieves, and hackers also advertise their services via Jabber, an instant messaging protocol.
But a dark web service dramatically speeds up and simplifies the whole process, meaning anyone can quickly fire out a barrage of Jabber spam. And some people are seemingly taking up the offer.
"Custom coded ransomware—unstoppable. $300 or 50/50 split," one advert, sent to Motherboard on Thursday, reads.
"Fake Scans ~ 30$ for your CC [credit card] to BTC [bitcoin] way and other business!" another reads, ostensibly advertising methods for transferring funds from stolen credit cards into bitcoins.
At the bottom of each of these adverts, which are just private Jabber messages, is a second advertisement for the marketing service itself, and several links to various Tor hidden services.
Described as a "semiautomatic Jabber advert service," the main dark web site allows visitors to send out their own spam. Just enter your Jabber address, a custom message, a link to where potential customers can actually buy your product, and send 0.04 bitcoins, or just over $40, to the service's creators. Users can also specifically target their advert to carding, hacking, or drug demographics.
But users can also become a so-called "partner" of the service. For $400, their message will appear at the bottom of every advert sent out by the service for a month. Another site collates links to advertised products such as VPNs, bank login credentials, and stolen credit card information.
The spam messages themselves appear to come from quickly generated burner accounts, with different accounts sending each advert on Thursday, and earlier throughout the week.
Making a spam list of potential customers wouldn't be all that hard either. Many people publicly post their Jabber address, and hackers have targeted Jabber services in the past.
This is the just the most recent wave of Jabber spam, too. Earlier this year, many Jabber users saw a noticeable uptick in unsolicited messages.
If you could remove me from your list, that would be great.
Subscribe to pluspluspodcast, Motherboard's new show about the people and machines that are building our future.