NNSquad - Network Neutrality Squad

NNSquad Home Page

NNSquad Mailing List Information


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ NNSquad ] Interesting malware/phishing technique I haven't seen before

Interesting malware/phishing technique I haven't seen before

Over at http://j.mp/16ziDjT (Google+) is a screen capture of a
somewhat interesting apparent malware/phishing attempt I haven't seen
before. A bunch of copies, all from different addresses, arrived
during the night to various addresses within my server cluster. As you
can see, it claims to be essentially a "blacklist reconsideration"
request. Because I do run a quite robust anti-spam system including
blacklists, I do deal with these, but this one had a bunch of red
flags (we'll ignore the spelling errors). As noted, it came from
various addresses to various addresses (most of the latter being
inappropriate). Inspection of headers showed typical spam/phish
obfuscations. Presumably the main malware payload is at the "dynamoo"
URL. So, there was no chance of my falling for it, but it is an
interesting approach that I thought appropriate to note publicly here.

Lauren Weinstein (lauren@vortex.com): http://www.vortex.com/lauren 
Co-Founder: People For Internet Responsibility: http://www.pfir.org/pfir-info
 - Network Neutrality Squad: http://www.nnsquad.org 
 - PRIVACY Forum: http://www.vortex.com/privacy-info
Member: ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
Google+: http://google.com/+LaurenWeinstein 
Twitter: http://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800 / Skype: vortex.com
nnsquad mailing list