Upsurge in successful malware spam

A place to discuss malware of every flavor, e.g. Storm, Waledac, Conficker and Zeus

Upsurge in successful malware spam

Postby hellkyng » Thu Sep 09, 2010 6:38 pm

Just got word from my email filter provider about a spam campaign delivering malware extremely successfully. We've seen a few messages on our end already, sample below. Its being rumored that the message itself and malware is spreading quickly on internal networks and causing some huge problems for a lot of people. Does any have any additional information on this?

Supposedly the subject line is consistently:Here you have

Sample:

Code: Select all
Subject: Here you have

Hello:

This is The Document I told you about,you can find it Here.http://www.sharedocuments.com/library/PDF_Document21.025542010.pdf

Please check it and reply as soon as possible.


Cheers,


Here is a writeup of it so far: http://threatinfo.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_MEYLME.B

Sounds like if this hits your networks you will want to get a jump on it fast and get infected machines disabled asap.
hellkyng
Getting started
 
Posts: 18
Joined: Thu Jun 17, 2010 5:37 pm

Re: Upsurge in successful malware spam

Postby AlphaCentauri » Thu Sep 09, 2010 7:55 pm

Yeah, I've been seeing a TON of those. Spam filters have difficulty identifying them by content, as they aren't spammy at all. My Mailwasher program catches all of them, since I have a filter that identifies all emails with executable or compressed attachments, but I'm sure most people are having trouble telling spam from ham.

There's no consistency in the subject line, though. I posted a small sample of the ones I was getting on the MyWot forum:
http://www.mywot.com/en/forum/7271-spam ... ment-40638

They seem to have a template to match any kind of email someone might be expecting as part of their particular job or social situation.
User avatar
AlphaCentauri
You are kiillllling-a my bizinisss!
 
Posts: 5989
Joined: Thu Mar 01, 2007 3:01 am


Return to Malware

Who is online

Users browsing this forum: Bing [Bot] and 1 guest

cron