Spammers Exploiting Obama’s Victory to Spam in English & Spanish
Security experts at Websense, an online security vendor, have warned people about spam e-mails written in English and Spanish language and linked to a website that purports to contain a video clip showing interview of Obama's advisors.
When a user clicks on the video to watch, it downloads a Trojan which drops a file into the system directory after execution. It also unpacks a phishing kit which compromises the data on the victim's system.
Moreover, the reputed antivirus providers fail to detect this severe threat, said Dan Hubbard, Chief Technology Officer, Websense, as reported by internetnews on November 5, 2008.
According to security researchers and security analysts, a new Trojan is used in the English and Spanish spam e-mails that is hard to detect; as a result, users fail to protect themselves. Moreover, the Spanish language spam e-mail is simpler of the attacks because it targets only Latin American netizens and steals online banking details.
Hubbard said that the English language spam attack is more sophisticated and advanced because it not only steals users' banking details but also opens a backdoor for another code that transmits information of websites visited by victim along with downloads. Other security experts added that it uses fast flux technology to find a new server if the existing server is blacklisted by ISP (Internet Service Providers) for sending spam messages.
Websense reported that the technique used in the English language e-mail is not new as spam attacks with similar features but with different lures have been reported in the last six to eight months. These attacks range widely in subject from UPS shipping invoices to attracting victims by giving hot news on celebs in the entertainment industry.
As per the statistics gathered by security analysts and experts at Websense, the English language spam attack is stronger and widespread than the Spanish e-mail spam. Since November 4, 2008, only 1,500 Spanish language e-mails have been detected.
In contrast, security experts revealed that they intercepted over 30,000 unique English language spam in one hour coming from dozens of domain names registered on November 4, 2008.
Related article: Spammers Continue their Campaigns Successfully
» SPAMfighter News - 25-11-2008