Malware

“AOL Administration Center” spam comes from a spoofed email address; this is a classic example of Canadian Pharmacy spam.

Full text of the bogus email; the number in the subject line changes.

From: “AOL Administration Center (R)”
To:
Subject: AOL Administration Center Notification #73916

Hi,
You have 1 notification (#73916) from AOL Administration Center
Please follow the instructions to continue.
Thanks,
The AOL Mail Team

Click here to opt out of receiving future promotional e-mail messages from AOL or go to AOL Keyword:
Email Preferences and unsubscribe. This screen name cannot respond to replies.

Click here for other Important Information about Commercial E-mail from AOL or visit http://about.aol.com/email_information.
AOL Email, PO Box 65627, Sterling, VA 20165-8805.

——————————————
“UNIFORM TRAFFIC TICKET” spam has been around a while and continues to do the rounds. The email has an attached file which contains a malicious Trojan horse.
http://garwarner.blogspot.com/2011/08/new-york-city-uniform-traffic-ticket.html

Full text of the bogus email; the ID number in the subject line changes.

Date: Wed, 03 Aug 2011 12:42:23 +0530
From: “N.Y. State Department of Motor Vehicles”
To:
Subject: UNIFORM TRAFFIC TICKET (ID:89254305)

New York State Department of Motor Vehicles

UNIFORM TRAFFIC TICKET (ID:50385056),

POLICE AGENCY
NEW YORK STATE POLICE
Local Police Code 5278

THE PERSON DESCRIBED ABOVE IS CHARGED AS FOLLOWS

Time: 7:25 AM
Date of Offense: 10/10/2011
IN VIOLATION OF NYS V AND T LAW

9690 Description of Violation
SPEED OVER 55 ZONE
TO PLEAD, PRINT OUT THE ENCLOSED TICKET AND SEND IT TO TOWN COURT, CHATAM HALL., PO BOX 117

ACH ‘payment canceled’ spam

by certifiedbug on September 28, 2011

in Internet Security

A resurgence of malicious ACH spam; the number changes randomly from email to email.

Keep your anti-virus application up to date, and if the spam does arrive in your inbox, don’t click on links within it or open any attachment.

The bad guys’ goal is to install a Zbot variant, a password-stealing Trojan that also contains backdoor functionality. In other words, the criminal gains unauthorized access to and control of the infected computer.

Reference:
http://garwarner.blogspot.com/2011/05/ach-spammer-switches-to-shortened-urls.html

http://labs.m86security.com/tag/malicious-spam/

Microsoft: Rustock Civil Case Closed

by certifiedbug on September 22, 2011

in Microsoft

The Official Microsoft® Blog

Rustock Civil Case Closed: Microsoft Refers Criminal Evidence to FBI
22 Sep 2011

As you may have read in this morning’s edition of CNET, on Sept. 13th, Judge James L. Robart, of the U.S. District Court for the Western District of Washington ruled that the domain names and Internet protocol addresses used to host the botnet would be effectively removed from the defendants’ control. This case not only enabled the take down of a botnet known to be one of the single largest sources of spam on the Internet, but it is now helping to ensure that this botnet will never be used for cybercrime again. However, we’re not stopping here.

We are also turning over all of the evidence we collected during discovery and our investigation to the FBI, to help ensure those responsible for operating the Rustock botnet are held accountable for their actions. It is important to note that Microsoft’s $250,000 reward offer for information that leads to the arrest and conviction of Rustock’s operators remains in effect, but now any tips should be sent directly to the FBI at MS_Referrals@ic.fbi.gov.

Article:
http://blogs.technet.com/b/microsoft_blog/archive/2011/09/22/rustock-civil-case-closed-microsoft-refers-criminal-evidence-to-fbi.aspx

Certifiedbug, July 18, 2011. Microsoft Offers $250,000 Reward for Information on Rustock

GarWarner

Email attachments that contain malicious code are still being used to infect computers and steal the data found on those computers. While it is easy to find people who discount this threat, believing no one would be foolish enough to open one of these email attachments, the criminals are working hard to make their approaches more convincing.

Today we’ve seen more than 11,000 copies of their newest attempt come in to the UAB Spam Data Mine.

Articles and picture of email:
http://garwarner.blogspot.com/2011/08/new-york-city-uniform-traffic-ticket.html

http://nakedsecurity.sophos.com/2011/08/17/uniform-traffic-ticket-malware-attack-widely-spammed-out/

eThieves Steal $217k

August 17, 2011

Last month cyber criminals stole $217,000 from the Metropolitan Entertainment & Convention Authority (MECA), a nonprofit organization.

Krebs On Security: Lea French, MECA’s chief financial officer, said the trouble began when an employee with access to the organization’s online accounts opened a booby-trapped email attachment containing password-stealing malware. The attackers used MECA’s online banking credentials [...]

Backdoor Olyx

August 3, 2011

Microsoft Malware Protection Center: The recent emergence of rogue security software applications for Mac demonstrates how cybercriminals effectively use social engineering techniques to manipulate users’ responses – specifically, exploiting user’s fear of revealing sensitive information such as credit card details. This scare tactic evidently works regardless of the platform. While financial gain is primarily the [...]

Google warns users of malware

July 20, 2011

Google Online Security Blog. Posted by Damian Menscher, Security Engineer. As we work to protect our users and their information, we sometimes discover unusual patterns of activity. Recently, we found some unusual search traffic while performing routine maintenance on one of our data centers. After collaborating with security engineers at several companies that were sending [...]

Microsoft Offers $250,000 Reward for Information on Rustock

July 18, 2011

The Official Microsoft Blog. Posted by Richard Boscovich, Senior Attorney, Microsoft Digital Crimes Unit, 18 Jul 2011. Last month, I shared with you that the Rustock botnet has remained inactive since Microsoft and its partners took it offline on March 16th. Today, we take our pursuit a step further. After publishing notices in two Russian [...]

Microsoft-New Threat Data on Rustock

July 6, 2011

Since successfully taking down the Rustock botnet on March 16th, Microsoft has continued to analyze the threat, investigate leads on the operations and owners of the botnet and work with Community Emergency Response Teams (CERTs) and Internet Service Providers (ISPs) worldwide to help the legitimate owners of Rustock-infected computers to clean their computers of malware. [...]

McAfee-How I became a Zombie

June 23, 2011

Botnets Demystified and Simplified. Let’s face it: Most people–even folks in the security industry–have a hard time explaining botnets (robot networks of infected computers) in a way that your Uncle Joe or Aunt Betty can understand. Is it really a big deal? Yes, it is. With the rapid growth in malware and bot infections we’re [...]
