Trojan Compromises Over 300,000 Accounts

Over the past three years a Trojan maintained by a single cybercrime group has been stealing the login credentials for online banking: roughly 300,000 bank accounts and nearly as many credit and debit card numbers, more than half a million records in all. Researchers obtained part of the Trojan's code (it is known as Sinowal or Torpig; Mebroot is the name of its MBR rootkit loader) and used it to track down the drop server holding the stolen data. Further analysis showed it has been active since early 2006.

The Trojan watches the browser for the user navigating to a banking or card site on its target list, which covers nearly 3,000 URLs. When it sees one, it injects a fake form or page into the session that captures the user's account details, so the victim appears to be on the genuine site. Most anti-virus products do not detect it because its loader overwrites the PC's master boot record: the rootkit runs before Windows starts and leaves almost nothing on the filesystem for a scanner to find.
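As an added illustration (not code from the original post or from any of the researchers it cites), the check below shows how an MBR bootkit of this kind can be caught from a clean boot: compare the boot sector's bootstrap area against a trusted baseline while confirming the partition table and boot signature are untouched, which is exactly the combination a bootkit leaves behind. The MBR layout it relies on (446 bytes of bootstrap code, a 64-byte partition table, the 0x55AA signature) is standard; the sample sectors, baseline hash and "tampered" bytes are constructed for the example and stand in for nothing real.

```python
"""Baseline check of the MBR bootstrap area, the sector an MBR bootkit overwrites."""
import hashlib

SECTOR_SIZE = 512
BOOTCODE_LEN = 446          # bytes 0..445: bootstrap code the BIOS jumps to
PTABLE_OFF = 446            # bytes 446..509: four 16-byte partition entries
PTABLE_LEN = 64
BOOT_SIG = b"\x55\xaa"      # bytes 510..511: boot signature


def split_mbr(sector: bytes):
    """Split a 512-byte sector into (bootcode, partition_table, signature)."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("MBR must be exactly 512 bytes")
    return (sector[:BOOTCODE_LEN],
            sector[PTABLE_OFF:PTABLE_OFF + PTABLE_LEN],
            sector[SECTOR_SIZE - 2:])


def check_mbr(sector: bytes, baseline_code_sha256: str, baseline_ptable: bytes) -> dict:
    """Compare a sector against a baseline recorded from the known-clean disk.

    A bootkit rewrites the bootstrap code but keeps the partition table so the
    OS still boots; a changed code area with an intact table is the signal.
    """
    code, ptable, sig = split_mbr(sector)
    report = {
        "signature_ok": sig == BOOT_SIG,
        "partition_table_ok": ptable == baseline_ptable,
        "bootcode_ok": hashlib.sha256(code).hexdigest() == baseline_code_sha256,
    }
    report["bootkit_suspected"] = (report["signature_ok"]
                                   and report["partition_table_ok"]
                                   and not report["bootcode_ok"])
    return report


def build_mbr(bootcode: bytes, ptable: bytes) -> bytes:
    """Assemble a sector from a bootstrap blob and a 64-byte partition table."""
    if len(ptable) != PTABLE_LEN:
        raise ValueError("partition table must be 64 bytes")
    code = bootcode.ljust(BOOTCODE_LEN, b"\x00")[:BOOTCODE_LEN]
    return code + ptable + BOOT_SIG


def read_mbr(device: str = "/dev/sda") -> bytes:
    """Read the first sector of a raw device (needs root; not used by the sample below)."""
    with open(device, "rb") as f:
        return f.read(SECTOR_SIZE)


# --- Constructed sample data (not taken from any real disk or malware) ---
# One bootable entry of type 0x07 followed by three empty entries.
SAMPLE_PTABLE = (b"\x80\x01\x01\x00\x07\xfe\xff\xff\x3f\x00\x00\x00\x00\x00\x10\x00"
                 + b"\x00" * 48)
CLEAN_CODE = b"\xfa\x33\xc0\x8e\xd0\xbc\x00\x7c"      # stand-in for the stock bootstrap
TAMPERED_CODE = b"\xeb\x3c\x90BOOTKIT-LOADER"         # stand-in for an injected loader

CLEAN_MBR = build_mbr(CLEAN_CODE, SAMPLE_PTABLE)
BASELINE_HASH = hashlib.sha256(split_mbr(CLEAN_MBR)[0]).hexdigest()  # taken once, when clean
INFECTED_MBR = build_mbr(TAMPERED_CODE, SAMPLE_PTABLE)

if __name__ == "__main__":
    for name, sector in (("clean", CLEAN_MBR), ("infected", INFECTED_MBR)):
        print(name, check_mbr(sector, BASELINE_HASH, SAMPLE_PTABLE))
```

The baseline has to be captured and stored off the suspect machine, and the sector read from a boot medium the rootkit does not control; a read through an infected Windows kernel may be served the original sector by the rootkit's disk filter.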

Airlines Latest to Be Exploited By Spammers

Continental Airlines is the latest company whose name is being exploited by scammers. A new wave of spam claiming to come from the airline tries to trick recipients into running malware. The messages thank the recipient for buying tickets online, quote a username and password, confirm a $900 charge to their credit card, and carry an attachment dressed up as the ticket invoice and boarding pass. The attachment, named "e-ticket.doc.exe", is a worm rather than a document: the ".doc" is a double-extension trick, since Windows Explorer hides the final ".exe" by default, and once run it downloads additional malware onto the user's PC.

Malware Laden Spam on the Rise Again

Security researchers report that malware-laden spam is on the rise again. The malware arrives either as a .zip or .rar attachment or via a link that sends the recipient to a compromised website; a third method gaining popularity is embedding malicious code directly in the HTML source of the message. Most payloads were Trojans and information stealers. The most common is the Pandex Trojan, which turns the computer into a zombie under remote control, harvests email addresses from a range of files, including .eml, .txt and .htm, and installs a rootkit.
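The delivery tricks in this item and in the Continental one above (an executable hiding behind a double extension such as "e-ticket.doc.exe", archive attachments, links to compromised sites, and active content embedded in the message body) lend themselves to a simple mail-gateway triage. The following is an added example, not code from the original posts or from any vendor mentioned; it uses only Python's standard email module, and the sample messages, addresses, link and attachment bytes are constructed for the example.

```python
"""Triage inbound mail for the malware delivery methods described above."""
import email
import re
from email import policy
from email.message import EmailMessage

# Extensions Windows will execute directly, document-like extensions an
# attacker puts in front of them, and archives that need unpacking first.
EXEC_EXT = {"exe", "scr", "pif", "com", "bat", "cmd", "vbs", "js", "jse", "wsf", "hta"}
DOC_EXT = {"doc", "docx", "pdf", "xls", "txt", "rtf", "htm", "html"}
ARCHIVE_EXT = {"zip", "rar", "7z"}
BLOCK_KINDS = {"executable attachment", "double extension", "active content in HTML body"}
ACTIVE_RE = re.compile(r"<\s*(script|iframe|object|embed)\b", re.IGNORECASE)
LINK_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def classify_filename(name: str) -> list:
    """Return (kind, filename) findings for one attachment name."""
    parts = name.lower().rsplit(".", 2)   # "e-ticket.doc.exe" -> ["e-ticket", "doc", "exe"]
    findings = []
    if len(parts) < 2:
        return findings
    if parts[-1] in EXEC_EXT:
        findings.append(("executable attachment", name))
        if len(parts) == 3 and parts[-2] in DOC_EXT:
            findings.append(("double extension", name))
    elif parts[-1] in ARCHIVE_EXT:
        findings.append(("archive attachment", name))
    return findings


def triage(raw: bytes) -> dict:
    """Parse a raw message and decide block / hold / deliver."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings, links = [], []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:                                  # an attachment: judge it by name
            findings.extend(classify_filename(name))
            continue
        ctype = part.get_content_type()
        if ctype in ("text/plain", "text/html"):  # a body: pull links, look for active content
            body = part.get_content()
            links.extend(LINK_RE.findall(body))
            if ctype == "text/html" and ACTIVE_RE.search(body):
                findings.append(("active content in HTML body", ctype))
    kinds = {kind for kind, _ in findings}
    if kinds & BLOCK_KINDS:
        verdict = "block"        # executable or scripted content: drop it
    elif findings:
        verdict = "hold"         # archives: unpack or detonate before delivery
    else:
        verdict = "deliver"
    return {"verdict": verdict, "findings": findings, "links": links}


def build_sample(subject: str, body: str, attachment=None, html=False) -> bytes:
    """Build a constructed test message (sample data only, not real mail)."""
    msg = EmailMessage()
    msg["From"] = "noreply@example.com"
    msg["To"] = "recipient@example.net"
    msg["Subject"] = subject
    msg.set_content(body, subtype="html" if html else "plain")
    if attachment:
        name, data = attachment
        msg.add_attachment(data, maintype="application", subtype="octet-stream", filename=name)
    return msg.as_bytes()


# Constructed samples modelled on the campaigns above; the bytes are not real malware.
TICKET_MAIL = build_sample("Your e-ticket", "Thank you for your purchase. $900 has been charged.",
                           attachment=("e-ticket.doc.exe", b"MZ\x90\x00 placeholder"))
ARCHIVE_MAIL = build_sample("Invoice", "See attached.", attachment=("invoice.zip", b"PK\x03\x04"))
LINK_MAIL = build_sample("Photos", "<p>See <a href='http://compromised.example/p.php'>here</a>"
                         "<script>x()</script></p>", html=True)
CLEAN_MAIL = build_sample("Lunch", "Noon at the usual place?")

if __name__ == "__main__":
    for label, raw in (("ticket", TICKET_MAIL), ("archive", ARCHIVE_MAIL),
                       ("link", LINK_MAIL), ("clean", CLEAN_MAIL)):
        result = triage(raw)
        print(label, result["verdict"], result["findings"], result["links"])
```

The extracted links are returned rather than judged, since a link to a compromised but otherwise legitimate site cannot be classified from the URL alone; feed them to a URL reputation check or a sandboxed fetch. Archives are held rather than blocked because the filter cannot see inside them by name.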