Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Massive increase in spam volume?

From: Niek <niek () packetstorm nu>
Date: Mon, 26 Apr 2004 16:22:50 +0200
Jay D. Dyson wrote:


On Sat, 24 Apr 2004, Thamer Al-Harbash wrote:

        I'd say you're seeing the first wave of what appears to be a new
worm.  Earlier this evening I received about 20 copies of the same message
(same subject, same body, different senders) which was titled, "Osama bin
Laden found!" and listed a URL (http://220.95.231.54/pics/).

        Being naturally curious (and even more naturally paranoid), I went
to the URL...but not with my browser.  What I snagged was an obfuscated
Javascript page which -- from what I could decipher at a glance -- was
some kind of spam pitch for cheap prescription drugs.  I didn't bother
looking for a malicious payload after that.

        So what we have here could be a worm that spews spam.  This sort
of thing will pretty much render the idea of blackholing netblocks useless
now, since unpatched Windows system are everywhere.

        That's my take.  I look forward to hearing about what others have
seen land in their inboxes.


http://www.pandasoftware.com/about/press/viewNews.aspx?noticia=4980&ver=21

Regards,

Niek

---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: