{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,14]],"date-time":"2026-01-14T20:29:58Z","timestamp":1768422598878,"version":"3.49.0"},"reference-count":52,"publisher":"IEEE","license":[{"start":{"date-parts":[[2020,11,16]],"date-time":"2020-11-16T00:00:00Z","timestamp":1605484800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/ieeexplore.ieee.org\/Xplorehelp\/downloads\/license-information\/IEEE.html"},{"start":{"date-parts":[[2020,11,16]],"date-time":"2020-11-16T00:00:00Z","timestamp":1605484800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-029"},{"start":{"date-parts":[[2020,11,16]],"date-time":"2020-11-16T00:00:00Z","timestamp":1605484800000},"content-version":"stm-asf","delay-in-days":0,"URL":"https:\/\/doi.org\/10.15223\/policy-037"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,11,16]]},"DOI":"10.1109\/ecrime51433.2020.9493261","type":"proceedings-article","created":{"date-parts":[[2021,7,27]],"date-time":"2021-07-27T21:07:41Z","timestamp":1627420061000},"page":"1-11","source":"Crossref","is-referenced-by-count":1,"title":["WordyThief: A Malicious Spammer"],"prefix":"10.1109","author":[{"given":"Renee","family":"Burton","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vadym","family":"Tymchenko","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Nicholas","family":"Sundvall","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Minh","family":"Hoang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jim","family":"Mozley","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"Josten","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"263","reference":[{"key":"ref39","year":"0","journal-title":"Predator the Thief"},{"key":"ref38","year":"0","journal-title":"Predator the Thief"},{"key":"ref33","year":"0","journal-title":"Namecheap Website"},{"key":"ref32","year":"0","journal-title":"Malware Analysis of Dridex BitPaymer and Doppel-Paymer Campaigns"},{"key":"ref31","author":"liu","year":"2018","journal-title":"A Death Match Of Domain Generation Algorithms"},{"key":"ref30","author":"lagadec","year":"2019","journal-title":"Python Oletools Version 0 55"},{"key":"ref37","article-title":"Ransomware Attacks Grow, Crippling Cities and Businesses","author":"popper","year":"2020","journal-title":"New York Times"},{"key":"ref36","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-030-00470-5_14"},{"key":"ref35","year":"2017","journal-title":"CVE-2017-11882 Detail"},{"key":"ref34","year":"0","journal-title":"New action to combat ransomeware ahead of US elections"},{"key":"ref28","author":"kacherginsky","year":"0","journal-title":"FakeNet-NG Next Generation Dynamic Network Analysis Tool"},{"key":"ref27","author":"jia","year":"0","journal-title":"Analysis of CVE-2017-11882 Exploit in the Wild"},{"key":"ref29","article-title":"Statistical Analysis of DNS Abuse in gTLDs Final Report","author":"korczy\u2019ski","year":"2017","journal-title":"Tech Rep Technical Report"},{"key":"ref2","year":"0","journal-title":"3xp0rtblog"},{"key":"ref1","year":"2017","journal-title":"17-Year Old MS Office Flaw (CVE-2017-11882) Actively Exploited in the Wild"},{"key":"ref20","doi-asserted-by":"publisher","DOI":"10.1145\/3299768"},{"key":"ref22","year":"0","journal-title":"fr3dhk"},{"key":"ref21","first-page":"1","article-title":"The Modality of Mortality in Domain Names","author":"foremski","year":"2018","journal-title":"Viruses"},{"key":"ref24","author":"greengard","year":"2020","journal-title":"Emotet as a Service A Serious New Cyber Threat"},{"key":"ref23","year":"0","journal-title":"Frankfurt shut down IT network following Emotet infection"},{"key":"ref26","author":"jedynak","year":"0","journal-title":"Peering into spam botnets"},{"key":"ref25","article-title":"Infoblox Threat Intelligence Data Exchange for Active Trust Suite","year":"0","journal-title":"SN-0218-03 0318"},{"key":"ref50","year":"0","journal-title":"Taurus Project C2 Domains"},{"key":"ref51","year":"0","journal-title":"VbaAutoOpen"},{"key":"ref52","year":"2020","journal-title":"What is PowerShell?"},{"key":"ref10","author":"barnett","year":"2019","journal-title":"Rig Exploit Kit Drops Predator The Thief InfoStealer and CrySIS Ransomware"},{"key":"ref11","author":"barnett","year":"2020","journal-title":"Valak Downloader\/InfoStealer Delivers IcedID Banking Trojan"},{"key":"ref40","author":"antony raj","year":"0","journal-title":"Want to Spam? Here are a Few Templates You Dan Use"},{"key":"ref12","author":"bennett","year":"0","journal-title":"AutoIt"},{"key":"ref13","author":"burton","year":"2020","journal-title":"Graph Techniques for Threat Intelligence Workflows"},{"key":"ref14","author":"burton","year":"2020","journal-title":"New Malware Variant Project Taurus Infostealer Follows in Predator the Thief’s Footprints"},{"key":"ref15","year":"0","journal-title":"Cloudflare Website"},{"key":"ref16","year":"0","journal-title":"2020 Global Threat Report"},{"key":"ref17","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2006.195"},{"key":"ref18","year":"0","journal-title":"Malware Trends"},{"key":"ref19","year":"0","journal-title":"Farsight Security"},{"key":"ref4","author":"abrams","year":"0","journal-title":"Emotet spam trojan surges back to life after 5 months of silence"},{"key":"ref3","year":"0","journal-title":"3xp0rtblog"},{"key":"ref6","year":"0","journal-title":"Apache SPARK"},{"key":"ref5","article-title":"Spambot detection: A review of techniques and trends","volume":"6","author":"adegbola","year":"2014","journal-title":"Network"},{"key":"ref8","author":"kumar","year":"0","journal-title":"Taurus The New Stealer in Town"},{"key":"ref7","author":"armer","year":"2020","journal-title":"Malspam Campaigns Deliver Predator the Thief InfoStealer"},{"key":"ref49","year":"0","journal-title":"The Rise of Information Stealers"},{"key":"ref9","author":"barnett","year":"2020","journal-title":"New Ransomware - Avaddon"},{"key":"ref46","year":"0","journal-title":"SURBL URI Reputation data"},{"key":"ref45","author":"sundvall","year":"2020","journal-title":"Vidar InfoStealer"},{"key":"ref48","doi-asserted-by":"publisher","DOI":"10.1016\/S1353-4858(19)30071-6"},{"key":"ref47","first-page":"24","article-title":"Know Your EK: A Content and Workflow Analysis Approach for Exploit Kits","volume":"9","author":"suren","year":"2019","journal-title":"J Internet Serv Inf Secur"},{"key":"ref42","year":"0","journal-title":"RU Registrar Website"},{"key":"ref41","first-page":"45","article-title":"Software Framework for Topic Modelling with Large Corpora","author":"?eh??ek","year":"2010","journal-title":"Proceedings of the LREC 2010 Workshop on New Challenges for NLP Frameworks"},{"key":"ref44","doi-asserted-by":"publisher","DOI":"10.1145\/2590296.2590302"},{"key":"ref43","doi-asserted-by":"publisher","DOI":"10.1109\/CCNC.2009.4784781"}],"event":{"name":"2020 APWG Symposium on Electronic Crime Research (eCrime)","location":"Boston, MA, USA","start":{"date-parts":[[2020,11,16]]},"end":{"date-parts":[[2020,11,19]]}},"container-title":["2020 APWG Symposium on Electronic Crime Research (eCrime)"],"original-title":[],"link":[{"URL":"http:\/\/xplorestaging.ieee.org\/ielx7\/9493214\/9493247\/09493261.pdf?arnumber=9493261","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,27]],"date-time":"2022-06-27T15:55:45Z","timestamp":1656345345000},"score":1,"resource":{"primary":{"URL":"https:\/\/ieeexplore.ieee.org\/document\/9493261\/"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,11,16]]},"references-count":52,"URL":"https:\/\/doi.org\/10.1109\/ecrime51433.2020.9493261","relation":{},"subject":[],"published":{"date-parts":[[2020,11,16]]}}}