Rogue anti virus program: Antivirus for Windows – New 2009 Version

MX Lab intercepted a message that caught our attention. Some time ago, a rogue antivirus/antispyware program known as Antivirus 2009, XP Antivirus Protection, MSAntivirus 2008 and Vista Antivirus 2008 was promoted on the internet and in various spam emails.
It seems that it is now distributed under a new name “Antivirus for Windows – [...]

Flash being used in spam emails

Spammers often include links in their messages that direct to web sites. Most of the time these links take the form of a URL that includes .html, .htm, .asp, .php or something similar.
A new spam trick is to include a URL that directs to a Flash animation with the .swf extension. Most browsers will play the [...]

Q2 2008 Email Threats Trend Report

“On average, nearly 10 million zombie computers actively sent spam and email-based malware every day during Q2. The vast majority of those IP addresses are dynamic, meaning they are taken in and out of use at will by the botmaster controlling the network. Dynamic control of large numbers of zombie IPs is what allows the continuous delivery of malicious materials across the Internet. By [...]

Malware distribution techniques

At first I thought of a new phishing email, based on the fact that it comes from a bank, includes a long URL in the body and it is related to your banking account where you need to renew your certificate.
Connection-Colonial Bank Renewal
Certificate Renewal
Personal (Smartcard) e-Cert  Personal e-Cert
Certificate owner must renew the certificate before expiry [...]

Maliciously crafted PDF files that open the door for a trojan

MX Lab is detecting and intercepting an increased distribution of maliciously crafted PDF files. These PDF files contain an exploit that could result in complete access to the infected computer and affects Windows XP or Windows 2003.
When the PDF document is opened, the Windows firewall will be disabled by using Netsh, a command-line scripting [...]

MP3 based stock spam outbreak

After the PDF, Excel and ZIP based spam outbreaks, we now have a stock spam outbreak based on the popular MP3 format for delivering audio. The messages are between 85 kB and 150 kB and contain a poor-quality MP3 at a 16 kbps bitrate and 11 kHz sample rate with an average length of 30 [...]

Phisher Goodin sentenced to prison for nearly six years

Jeffrey Brett Goodin has been sentenced to prison for nearly six years and has to pay $1,002,885.58 to the victims of his phishing scheme, including nearly $1 million to Earthlink.
Goodin was found guilty after a week-long jury trial for sending thousands of e-mails through an Earthlink Internet connection to America Online users. The email was [...]

Fake Internet Explorer 7 Downloads spam

MX Lab issues a warning about an email message that offers you a download of the latest version of Internet Explorer 7. This email contains a link to an .exe file that is in fact a trojan.

Read the security warning on the MX Lab web site.

Citibank phishing emails for Belgium internet users

MX Lab has captured some emails from “Citibank” intended for Belgian customers that have all the hallmarks of phishing techniques. A quick investigation shows that these emails are not valid. The sender's email address is from primenetworks.com or wcoasthosting.com. The subject is “Notice for Citibank Customer” or “Important Notice for Citibank Belgium Customers”.
Read [...]

Storm Worm-Trojan targets blogs, bulletin boards and webmail

A variant of the Storm Worm-Trojan, very active in January 2007 during a European storm, installs a component on the local computer that analyzes all network traffic via a layered service provider (LSP) integration and modifies blog postings and comments and webmail-based emails. The posting will include a link to the malicious code and make [...]