{
  "family": "lethic",
  "sample_count": 4879,
  "category": "spam_bot",
  "description": "Lethic is a long-running spambot family active since 2008 that turns infected machines into spam-relay nodes for pharmaceutical, phishing, and malware-distribution campaigns. Lethic uses its own custom protocol to communicate with command-and-control servers and is notable for its compact size and resilience. Its primary harm to victims is bandwidth consumption and potential blacklisting of the victim's IP address.",
  "cta": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance.",
  "aliases": [],
  "enrichment_level": "hand-curated",
  "faq": [
    {
      "@type": "Question",
      "name": "What is Lethic?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Lethic is a long-running spambot family active since 2008 that turns infected machines into spam-relay nodes for pharmaceutical, phishing, and malware-distribution campaigns. Lethic uses its own custom protocol to communicate with command-and-control servers and is notable for its compact size and resilience. Its primary harm to victims is bandwidth consumption and potential blacklisting of the victim's IP address."
      }
    },
    {
      "@type": "Question",
      "name": "How does Lethic spread?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Lethic is a spam-bot trojan that infects systems through other malware droppers and uses them as nodes for sending pharmaceutical and stock spam."
      }
    },
    {
      "@type": "Question",
      "name": "What are the signs of a Lethic infection?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "Sudden spike in outbound SMTP traffic, IP address appearing on email blocklists, and antivirus detections for Lethic or Spam-Bot.Lethic indicate participation in the botnet."
      }
    },
    {
      "@type": "Question",
      "name": "What should I do if I think I have Lethic on my system?",
      "acceptedAnswer": {
        "@type": "Answer",
        "text": "If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance."
      }
    }
  ],
  "faq_count": 4,
  "mitre_attack": [
    "T1071.001"
  ],
  "cisa_advisory": null,
  "last_updated": "2026-05-27"
}