Add another domain:
- http://blogs.pcmag.com/securitywatch...y_new_year.php
December 28, 2007 - "...Consider the following unsolicited e-mail:
From: ccs @ gotapco.com
Sent: Friday, December 28, 2007
To: Larry Seltzer
Subject: Happy 2008!
Wishes for the New 2008 Year
hxxp: // newyearwithlove .com
DON'T GO TO THAT DOMAIN! If you do, or to one of several others with similar names, you'll be redirected to an HTTP request for an EXE file pushing a trojan horse program. The domains are all registered with an unresponsive Russian registrar. Thirteen different name servers on different networks are listed as authoritative in order to make it harder to bring the domain down. Even more may be added, if necessary, to keep the domain up..."
-----------------------
- http://preview.tinyurl.com/yud8re
December 27, 2007 (Computerworld) - "...According to WHOIS look-ups, both the happycards2008.com and newyearcards2008.com domains were registered with a Russian domain registrar named RUcenter only yesterday; the listed contact for the two domain is a "Bill Gudzon" of Los Angeles, Calif., but the contact phone number gave only a constant busy signal. Since the newest Storm attack began on Monday with spam touting Christmas-themed strippers, the code has repacked hundreds of times, a trick malware authors use to deceive signature-based antivirus software. Prevx, said Giuliani*, has already detected more than 400 variants of the version now in circulation."
* http://www.prevx.com/blog/74/Storm-W...ird-round.html