Lethic is a long-running spambot family active since 2008 that turns infected machines into spam-relay nodes for pharmaceutical, phishing, and malware-distribution campaigns. Lethic uses its own custom protocol to communicate with command-and-control servers and is notable for its compact size and resilience. Its primary harm to victims is bandwidth consumption and potential blacklisting of the victim's IP address.
This family has been observed using the following ATT&CK techniques: T1071.001
Lethic is a spam-bot trojan that infects systems through other malware droppers and uses them as nodes for sending pharmaceutical and stock spam.
A sudden spike in outbound SMTP traffic, the machine's IP address appearing on email blocklists, and antivirus detections for Lethic or Spam-Bot.Lethic indicate participation in the botnet.
If you suspect this malware on your system, do not attempt manual removal. Contact SystemHelpdesk expert MSP support at 855-783-7555 for professional incident response guidance.
Get this profile as JSON: https://jordanricky1604-ship-it.github.io/malware-families-catalog/api/lethic.json
This profile is part of the Malware Families Catalog, a public dataset of 2,899 malware families extracted from the EMBER 2018 benchmark. The catalog is also published on Hugging Face and Kaggle.