Beware of New Year greetings cards /E-Cards etc (Read 432 times)
eddie5659
MDH Moderator
01/03/11 at 08:27:47
 
Please avoid all untrusted Happy New Year e-card links.  The Shadowserver Foundation is warning of a new malicious and advanced botnet that has just been discovered and resembles the Storm Worm designs.
 
New Fast Flux Botnet for the Holidays: Could it be Storm Worm 3.0/Waledac 2.0?
http://www.shadowserver.org/wiki/pmwiki.php/Calendar/20101230
 
Those of us here at Shadowserver hope you're having a wonderful holiday season and are ready to bring in the new year. We were trying to relax and enjoy relatively quiet times until we noticed a new spam campaign that recently started. At first it looked like your regular old holiday e-card scams that have been around for years.  
 
However, upon closer inspection it looks like we could be dealing with the next generation of Storm Worm or Waledac. If you consider Waledac to be Storm Worm 2.0, this looks like it could be version 3.0 or at least Waledac 2.0. There are no real version numbers of course, but we don't have anything else to call it yet. What's it involve you ask?  
 
 CHARACTERISTICS OF NEW BOTNET  
 
Well here's the list of what we've seen so far:  
 
* Large scale Spam campaigns sending out e-mails with links  
* New malicious domains that are fast flux! (TTL of 0 and name servers that frequently update IPs)  
* Links are to several hacked websites hosting HTML pages that refresh to new malicious domains  
* Links are also directly to new malicious domains  
* Malicious domains hosting links to fake flash player and refreshes to exploit pages  
* Malware installs that begin beaconing to several hosts over HTTP (what we dubbed HTTP2p with Waledac)  
* Malware that's been updated to look a bit more legitimate than past variants  
* A very buggy network that is not often available (upstream devices not available)  
* Changing/Updated binaries
 
  AVOID THESE E-CARD MESSAGES:  
 
Let's start with the Spam Campaign. We've seen a multitude of subject lines and bodies. Below you'll find a list of subjects we've seen and an example e-mail message. These are coming from all over the Internet with spoofed sender addresses.  
 
 Greeting for you!
 Greeting you with heartiest New Year wishes
 Greetings to You
 Happy New Year greetings e-card is waiting for you
 Happy New Year greetings for you
 Happy New Year greetings from your friend
 Have a happy and colorful New Year!
 l want to share Greeting with you  
 New Year 2011 greetings for you
 You have a greeting card
 You have a New Year Greeting!
 You have received a greetings card
 You've got a Happy New Year Greeting Card!
 
 

Just go with the flow, like a twig on the shoulders of a mighty stream
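
Added example, not part of the original post or of Shadowserver's write-up: a defender-side heuristic for the fast-flux traits listed above (TTL of 0 and A records that keep changing), run over constructed passive-DNS observations. The function name, record layout, thresholds and sample domains are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed passive-DNS observations: (unix_time, domain, ttl, A records).
# Names use the reserved .example TLD; IPs are RFC 5737 documentation ranges.
OBSERVATIONS = [
    (0, "ecard-demo.example", 0, ["192.0.2.10", "198.51.100.7", "203.0.113.4"]),
    (60, "ecard-demo.example", 0, ["192.0.2.99", "198.51.100.23", "203.0.113.80"]),
    (120, "ecard-demo.example", 0, ["192.0.2.150", "198.51.100.61", "203.0.113.12"]),
    (0, "www.example", 3600, ["192.0.2.1"]),
    (60, "www.example", 3600, ["192.0.2.1"]),
    (0, "cdn.example", 20, ["198.51.100.200", "198.51.100.201"]),
    (60, "cdn.example", 20, ["198.51.100.201", "198.51.100.200"]),
]


def flux_report(observations, max_ttl=0, min_churn=0.5, min_ips=5):
    """Score each domain; thresholds are illustrative assumptions."""
    by_domain = defaultdict(list)
    for _, domain, ttl, ips in sorted(observations, key=lambda o: o[0]):
        by_domain[domain.lower().rstrip(".")].append((ttl, frozenset(ips)))
    report = {}
    for domain, answers in by_domain.items():
        distinct = set().union(*(ips for _, ips in answers))
        # Churn: mean share of each answer's IPs absent from the previous
        # answer. A single observation gives no churn evidence (0.0).
        steps = [len(cur - prev) / len(cur)
                 for (_, prev), (_, cur) in zip(answers, answers[1:]) if cur]
        churn = sum(steps) / len(steps) if steps else 0.0
        low_ttl = all(ttl <= max_ttl for ttl, _ in answers)
        report[domain] = {
            "distinct_ips": len(distinct),
            "churn": churn,
            "suspect": low_ttl and churn >= min_churn and len(distinct) >= min_ips,
        }
    return report


if __name__ == "__main__":
    for name, stats in flux_report(OBSERVATIONS).items():
        print(name, stats)
```

The short-TTL `cdn.example` rows show why the check combines TTL with IP churn and pool size: a low TTL with a stable address set is ordinary load balancing.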
