Posts Categorized: spam


Poison Ivy trojan spreading across Skype

Last night, a friend of mine surprisingly messaged me at 6:33 AM on Skype, with a message pointing to what appeared to be a photo site with the message “hahahahaha foto” and a link to hxxp://random_subdomain.photalbum.org. What was particularly interesting is that he created a group, and was basically sending the same message to all of his contacts. Needless to say, the time has come for me to take a deeper look, and analyze what appeared to be a newly launched malware campaign using Skype as a propagation vector. More details:

Spamvertised ‘Pizzeria Order Details’ themed campaign serving client-side exploits and malware

End and corporate users (and especially pizza eaters), beware! Cybercriminals are currently spamvertising hundreds of thousands of emails, impersonating FLORENTINO's Pizzeria, and enticing users into clicking on a link serving client-side exploits and malware in order to cancel a $169.90 order that they never really made. More details:

Managed SMS spamming services going mainstream

Are you receiving SMS spam? According to the latest reports, millions of mobile users are. The trend is largely driven by what Webroot is observing as an increase in underground market propositions offering managed SMS spamming services to new market entrants not interested in building and maintaining the spamming infrastructure on their own. In this post, I’ll profile a recently advertised managed service offering SMS spamming capabilities to potential customers, and discuss the latest innovations in this field, their impact on mobile security, and some of the key factors contributing to the growth of SMS spam. More details:

New DIY email harvester released in the wild

In order for cybercriminals to launch spam, phishing and targeted attacks, they would first have to obtain access to a “touch point”, in this case, your valid email address, IM screen name, or social networking account. Throughout the years, they’ve been experimenting with multiple techniques to obtain usernames (YouTube user names, IM screen names, Hotmail email addresses) and valid email addresses from unsuspecting end and corporate users. In this post we’ll profile a recently released Russian DIY email harvester, and emphasize the difference between novice and experienced cybercriminals in the context of the tactics and techniques they use to obtain a […]

Spamvertised ‘US Airways’ themed emails serving client-side exploits and malware

Cybercriminals are currently spamvertising yet another social-engineering driven malicious email campaign, this time impersonating US Airways. Upon clicking on the malicious links found in the emails, end and corporate users are exposed to client-side exploits courtesy of the BlackHole web malware exploitation kit. More details:

Email hacking for hire going mainstream – part two

Remember the email hacking for hire service which Webroot extensively profiled in this post “Email hacking for hire going mainstream”? Recently, I stumbled upon another such service, advertised at cybercrime-friendly web forums, offering potential customers the opportunity to hack a particular Mail.ru and Gmail.com email address, using a variety of techniques, such as brute-forcing, phishing, XSS vulnerabilities and social engineering. More details:

Spamvertised ‘Scan from a Hewlett-Packard ScanJet’ emails lead to client-side exploits and malware

Security researchers from Webroot have intercepted a currently spamvertised malicious campaign, impersonating Hewlett Packard, and enticing end and corporate users into downloading and viewing a malicious .htm attachment. More details:

Spamvertised Verizon-themed ‘Your Bill Is Now Available’ emails lead to ZeuS crimeware

Cybercriminals' newest spamvertised malware campaign is brand-jacking Verizon Wireless in an attempt to trick end users into clicking on the malicious links embedded in the email. More details:

Spamvertised LinkedIn notifications serving client-side exploits and malware

Cybercriminals are currently spamvertising LinkedIn-themed messages, in an attempt to trick end and corporate users into clicking on the malicious links embedded in the emails. The campaign is using real names of LinkedIn users in an attempt to increase the authenticity of the spamvertised campaign. More details:

Malicious USPS-themed emails circulating in the wild

Cybercriminals are currently spamvertising malicious USPS-themed emails that entice end and corporate users into clicking on malicious links found in the emails. More details:
