
Thread: SPAM frauds, fakes, and other MALWARE deliveries - archive

  1. #441
    Adviser Team AplusWebMaster's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    6,881

    Social network SPAM growth...

    FYI...

    SPAM to avoid...
    - http://sunbeltblog.blogspot.com/2011...-to-avoid.html
    June 29, 2011 - "...
    1) "Facebook Survey Gift Invite"...
    2) Paypal phish...
    3) World of Warcraft phish mails..."

    Social network SPAM growth...
    - http://www.symantec.com/connect/blog...-attacks-surge
    June 29, 2011 - "... Spam attacks via social networks grew dramatically between April and June 2011. Over this period, we monitored and analyzed social network spam attacks that used three popular social networking sites — Facebook, Twitter, and YouTube... Most of the spam originates from botnets... Most of these IP addresses were blacklisted by reputation-based technology because of their spam involvement. Along with bot activity, some spam samples are seen to be sent through hijacked user accounts and fake social network accounts created by the spammers... Social network spam uses legitimate email notification templates from the social networking sites. The message alleges that the user has some unread messages or pending invites and a fake link is provided. The bogus link will direct users to a website that forces the download of malicious binaries, purports to be selling cheap enhancement drugs and replica products, pushes fake gambling casino sites, or advertises online adult dating sites, etc... The most common subject lines used in this case are as follows:
    Subject: Hi, you have notifications pending
    Subject: Oops.. You have notifications pending
    Subject: Hi, You have 1 new direct message
    Subject: You have 2 direct message on Twitter!
    Subject: YouTube Administration sent you a message: Your video has been approved
    Subject: YouTube Administration sent you a message: Your video on the TOP of YouTube
    Subject: Direct message from [removed]
    Subject: Warning: Your inbox is full, message not accepted
    Subject: [removed] sent you a message on Facebook...
    "
    (Screenshots available at the Symantec URL above.)
    ___

    SPAM volume - charted July 2010 - June 2011
    - http://krebsonsecurity.com/wp-conten.../symspam11.jpg

    Last edited by AplusWebMaster; 2011-07-02 at 00:41.
    The machine has no brain.
    ......... Use your own.
    Browser check for updates here.
    YOU need to defend against -all- vulnerabilities.
    Hacks only need to find -1- to get in...
    .

  2. #442

    Hiloti trojan downloader infection rates triple in UK

    FYI...

    Hiloti trojan downloader infection rates triple in UK
    - http://www.trusteer.com/blog/hiloti-...ates-triple-uk
    June 30, 2011 - "Hiloti generic downloader, a trojan first seen in December 2008, has shown a dramatic increase in infection rates of PCs during June 2011. Hiloti is a generic malware downloader, meaning it typically downloads other malware, e.g. Zeus and SpyEye. Hiloti creates a malicious DLL in the Windows directory, and hacks the Windows registry to maintain its presence on an infected machine across a normal boot cycle. We suspect that a Hiloti-infecting campaign - which is quite likely to be a drive-by download infection - is now taking place, having started on June 20th... the Hiloti malware is surging to two to three times its previous level of infections*... the infection does not appear to be affecting the US and other international territories, suggesting that it is a carefully targeted attack on one or more UK banking portals..."
    * http://www.trusteer.com/sites/default/files/hiloti.jpg


  3. #443

    Google+ SPAM campaign ...

    FYI...

    Google+ SPAM campaign...
    - http://sunbeltblog.blogspot.com/2011...on-google.html
    July 02, 2011 - "... Sophos has found what we consider as, probably, the first crime ever targeting Google+: fake pharma spam... spammers didn't take long before they push a campaign to take advantage of Internet users badly wanting to be put in circles. It's the current "it" thing, after all. Not to mention the current perfect target of any threat attack, and spamming was the first..."
    * http://nakedsecurity.sophos.com/2011...gle-plus-spam/
    "... clicking on the links will not take you to the new social network, but instead take you to a pharmacy website set up to sell the likes of Viagra, Cialis and Levitra to the unwary..."
    (Screenshots available at the Sophos URL above.)
    ___

    - https://plus.google.com/107117483540...ts/PhJFJqLyRnm
    Jun 29, 2011 - "We've shut down invite mechanism for the night. Insane demand... For any who wish to leave, please remember you can always exit and take your data with you by using Google Takeout. It's your data, your relationships, your identity."

    Google Plus Fuss
    - http://sunbeltblog.blogspot.com/2011...plus-fuss.html
    July 05, 2011
    ___

    - http://www.f-secure.com/weblog/archives/00002198.html
    July 6, 2011 - "... Google will be deleting all private profiles after July 31*. This is related to Google+ migration..."
    * http://www.google.com/support/profil...public_profile

    Last edited by AplusWebMaster; 2011-07-07 at 01:22.

  4. #444

    Fake Google software emails

    FYI...

    Fake Google software emails
    - http://msmvps.com/blogs/spywaresucks...2/1795605.aspx
    Jul 2 2011 18:51 by sandi - Filed under: Malvertizing - "These almost fooled a family member. They’re fake. The spammers do the most basic of tracking – first by including remotely hosted pictures in the email, and by embedding the victim’s email address into URLs. If you click on the link, even if you are well aware it’s fake and don’t intend to buy anything and have your internet security set to super-ultra-paranoid, they’re still going to know who clicked on that link and you’ll get even more junk..."
    (Screenshots available at the URL above.)


  5. #445

    Resurrection of MS10-087/CVE-2010-3333 In-The-Wild

    FYI...

    Resurrection of MS10-087/CVE-2010-3333 In-The-Wild
    - http://labs.m86security.com/2011/07/...3-in-the-wild/
    July 5, 2011 - "During the last few weeks we’ve seen massive use of the CVE-2010-3333 vulnerability for Microsoft Office. This eight months old vulnerability is used in popular documents such as a document that pretends to be “President Obama’s Speech”. Microsoft Office vulnerabilities have become very popular over the last few years and here are several samples that can be found In-The-Wild that use MS10-087 / CVE-2010-3333... The samples use different shellcodes, but as we can see, the exploit is In-The-Wild and is being used by malicious hackers..."

    > http://web.nvd.nist.gov/view/vuln/de...=CVE-2010-3333
    Last revised: 12/21/2010
    CVSS v2 Base Score: 9.3 (HIGH)
    ___

    - http://www.symantec.com/business/sec....jsp?bid=44652

    - http://labs.idefense.com/intelligenc...lay.php?id=880

    Last edited by AplusWebMaster; 2011-07-05 at 20:37.

  6. #446

    Google dumps 11+ million .co.cc sites from search results

    FYI...

    Google dumps 11+ million .co.cc sites from search results...
    - http://www.theregister.co.uk/2011/07..._dot_cc_sites/
    6 July 2011 - "Google has removed over 11 million .co.cc websites from its search engine results pages on the basis that most of them are far too "spammy"... Google classes the firm as a "freehost", and has exercised its right to block the whole domain "if we see a very large fraction of sites on a specific freehost are spammy or low-quality", according to Matt Cutts, head of Google's web spam team... According to a recent report from the Anti-Phishing Working Group, the .cc top-level domain hosted 4,963 phishing attacks in the second half of 2010, almost twice the number found under any other extension. That was due to a large number of attacks originating from .co.cc addresses, the APWG said..."


  7. #447

    Fake e-mails w/malware attachments...

    FYI...

    Virus Outbreak In Progress...
    - http://www.ironport.com/toc/

    - http://tools.cisco.com/security/cent...o=1&sortType=d

    Fake Money Order Attachment - E-mail - Updated July 07, 2011
    > http://tools.cisco.com/security/cent...?alertId=23578
    Fake FedEx Package Delivery Failure - E-mail - Updated July 07, 2011
    > http://tools.cisco.com/security/cent...?alertId=23577
    Fake Legal Department Payment - E-mail - July 7, 2011
    > http://tools.cisco.com/security/cent...?alertId=23590
    Fake Credit Card Overdue - E-mail - July 07, 2011
    > http://tools.cisco.com/security/cent...?alertId=23589
    Fake USPS Package Delivery - E-mail - Updated July 07, 2011
    > http://tools.cisco.com/security/cent...?alertId=23529
    Fake UPS Package Delivery - E-mail - Updated July 07, 2011
    > http://tools.cisco.com/security/cent...?alertId=23197


  8. #448

    SBS hacked...

    FYI...

    SBS hacked...
    - http://www.sbs.com.au/article/124519...t-July-18-2011
    July 18, 2011 - "Over the last 2 days, the SBS website has been the victim of a hacking attack... this source has been able to enter the site on this occasion and has inserted a link to a third party ‘malware site’. Users who may have inadvertently visited this third party malware site could then have had their machines infected with a virus depending on their security settings. SBS recommends that any site users who may be concerned about infection run a full security scan... Our digital team has been working throughout the weekend to rectify the problem and have now resolved the problem. Investigations are ongoing regarding how this issue occurred and what steps can be taken to ensure it does not happen again..."


  9. #449

    SPAM w/malware attachments...

    FYI...

    Virus Outbreak In Progress...
    - http://www.ironport.com/toc/
    July 19, 2011

    - http://tools.cisco.com/security/cent...o=1&sortType=d

    Fake Personal Loan Notification E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23677
    Fake Tax Backlog Notification E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23679
    Fake VISA Customer Services Notification E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23678
    Fake Purchase Notification E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23662
    Fake Notification E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23660
    Fake Profile Picture E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23663
    Fake Image Screen Shot E-mail Messages...
    - http://tools.cisco.com/security/cent...?alertId=23656


  10. #450

    "No such file or directory" error...

    FYI...

    Python: No such file or directory – Your site is likely compromised
    - http://blog.sucuri.net/2011/07/pytho...mpromised.html
    July 18, 2011 - "If you run a WordPress site and you are seeing the following error at the top of your pages:
    sh: /usr/local/bin/python: No such file or directory
    It means that it is likely compromised. How do we know that? We were tracking a large blackhat SEO spam campaign (targeting WordPress sites) and we noticed that for the last few days one of their link distribution domains was broken and generating an error. So any hacked site would display that error instead of showing the spammy links... If you are unsure if your site is compromised, try doing a quick scan here:
    http://sitecheck.sucuri.net ..."

    Last edited by AplusWebMaster; 2011-07-20 at 19:35.
