Newsfeed
Nachrichtenbote
Earlier today we saw an big increase in emails going around with all sorts of interesting subjects, not totally unlike the ones used by the latest Storm.
So far we've seen subjects talking about everything from White House hit by lightning, catches fire" to Italy knocked out of Euro 2008 and Nokia unveils revolutionary new phone design?. It's a pretty long list of different subjects - too long to list them all here so we've put them in a downloadable TXT file instead.
All mails contain a link to different compromised sites which all contain the same fake Pornotube page. Once there the page shows an error message telling the user that they need to install a Video ActiveX component. The file that gets downloaded is spam trojan that sends out lots of emails with links pointing back to the compromised sites.
The list of compromised sites is pretty extensive as well, we've been able to identify 74 different sites so far whereof only a handful have been fixed.
One thing that's not really normal about this case is that we first saw the file that gets downloaded, video.exe, over two days ago and added detection for it already then. Why would they send spam promoting an old file? Well, we've seen malware writers do stupid things before. On 20/06/08 At 06:11 AM
Weiterlesen...
So far we've seen subjects talking about everything from White House hit by lightning, catches fire" to Italy knocked out of Euro 2008 and Nokia unveils revolutionary new phone design?. It's a pretty long list of different subjects - too long to list them all here so we've put them in a downloadable TXT file instead.
All mails contain a link to different compromised sites which all contain the same fake Pornotube page. Once there the page shows an error message telling the user that they need to install a Video ActiveX component. The file that gets downloaded is spam trojan that sends out lots of emails with links pointing back to the compromised sites.
The list of compromised sites is pretty extensive as well, we've been able to identify 74 different sites so far whereof only a handful have been fixed.
One thing that's not really normal about this case is that we first saw the file that gets downloaded, video.exe, over two days ago and added detection for it already then. Why would they send spam promoting an old file? Well, we've seen malware writers do stupid things before. On 20/06/08 At 06:11 AM
Weiterlesen...