FYI...
Fake ‘Sent from my iPhone’ themed emails - expose users to malware
- http://www.webroot.com/blog/2013/11/...users-malware/
Nov 19, 2013 - "Cybercriminals are currently mass mailing tens of thousands of malicious emails, supposedly including a photo attachment that’s been “Sent from an iPhone”. The social engineering driven spam campaign is, however, the latest attempt by a cybercriminal/group of cybercriminals that we’ve been monitoring for a while, to attempt to trick gullible users into unknowingly joining the botnet operated by the malicious actor(s) behind the campaign. Detection rate for the spamvertised attachment: MD5: 46e077f058f5a6eddee3c851f8e56838 – * ... Trojan.Win32.Neurevt.jl; Trojan:Win32/Neurevt.A... Once executed, the sample attempts to contact the following C&C servers:
91.109.14.224
31.7.35.112
49.50.8.93
173.0.131.15
209.50.251.101
88.198.7.211
64.120.153.69
219.94.206.70
173.231.139.57
next to the well known by now, networksecurityx.hopto .org (1) a C&C host..."
* https://www.virustotal.com/en/file/5...is/1384441224/
Diagnostic page for hopto .org
1) http://google.com/safebrowsing/diagn...ite=hopto.org/
"... Part of this site was listed for suspicious activity 731 time(s) over the past 90 days... Malicious software includes 817 exploit(s), 113 trojan(s), 59 virus. Successful infection resulted in an average of 5 new process(es) on the target machine. This site was hosted on 80 network(s)... Over the past 90 days, hopto .org appeared to function as an intermediary for the infection of 140 site(s)... this site has hosted malicious software over the past 90 days. It infected 210 domain(s)..."
___
Fake Snapchat downloads in Search Engine Ads
- http://www.threattracksecurity.com/i...ch-engine-ads/
Nov 19, 2013 - "Hot on the heels of fake Snapchat Adware installs*, we have advert results in both Google and Bing adverts leading to non-existent downloads of Snapchat in return for an Adware bundle. Here’s Google:
> http://www.threattracksecurity.com/i...oglesearch.png
The site in question here is soft1d(dot)com
> http://www.threattracksecurity.com/i...ft1dprompt.jpg
Here’s Bing:
> http://www.threattracksecurity.com/i...napadsbing.jpg
The ad in question is the one in the bottom right hand corner for download-apps(dot)org/snapchat
> http://www.threattracksecurity.com/i...-apps-snap.jpg
Both sites lead to the same install. Comments from Matthew, one of our researchers in the Labs who discovered this: 'When you run the installer it precedes to install Fast Media Converter (Zango/Pinball Corp/BlinkX/LeadImpact) and LyricsViewer (Crossrider) with the only notice being from the page shown in the “prompt” screenshots. After loading those, it proceeds to offer you some more: a Conduit Toolbar and Dealply. In the end there is no Snapchat install or even a replacement for Snapchat'...
> http://www.threattracksecurity.com/i...ion-snap-1.png
.
> http://www.threattracksecurity.com/i...ion-snap-3.png
VirusTotal has this one pegged at 4/47** ..."
* http://www.threattracksecurity.com/i...-leads-adware/
Nov 1, 2013
** https://www.virustotal.com/en/file/1...4b40/analysis/
___
Threat Outbreak Alerts
- http://tools.cisco.com/security/cent...utbreak.x?i=77
Fake Job Offer Notification Email Messages - 2013 Nov 19
Fake Monthly Report Notification Email Messages - 2013 Nov 19
Fake Invoice Attachment Email Messages - 2013 Nov 19
Fake Picture Sharing Email Messages - 2013 Nov 19
Fake Payment Information Notification Email Messages - 2013 Nov 19
Email Messages with Malicious Attachments - 2013 Nov 19
Fake Picture Sharing Email Messages - 2013 Nov 19
Fake Fax Message Delivery Email Messages - 2013 Nov 19
Fake Product Quote Request - 2013 Nov 19
Fake Fax Message Delivery Email Messages - 2013 Nov 19
Fake Payment Confirmation Email Messages - 2013 Nov 19
Fake Personal Photo Sharing Email Messages - 2013 Nov 19
Fake Payment Invoice Email Messages - 2013 Nov 19
Fake Shipment Tracking Information Email Messages - 2013 Nov 19
Fake Product Order Notification Email Messages - 2013 Nov 19
Fake Scanned Image Notification Email Messages - 2013 Nov 19
Fake Product Purchase Order Email Messages - 2013 Nov 19
Fake Product Purchase Order Email Messages - 2013 Nov 19
Fake Bank Payment Notification Email Messages - 2013 Nov 19
Fake Customer Complaint Attachment Email Messages - 2013 Nov 19
(More info and links at the cisco URL above.)