Explore the latest news and trends  

Sign up for our weekly security newsletter


Be the first to receive important updates on security





Send

Symantec Reports Abuse of URL Condensers within Newly-Detected Spam Run

Investigators at Symantec are reportedly cautioning of online-crooks who're increasingly utilizing URL-condensing utilities for their e-mail scams, while attempting at tricking gullible end-users.

Notably, URL condensers largely help in camouflaging web-links, particularly when cyber-criminals utilize several of them for devising multiple hops prior to getting victims to land on certain malware-laced website.

States Symantec that one fresh spam run was recently identified wherein e-mails posed as communication from a service that transferred funds between banks. The unsolicited e-mail asserts that officials have annulled one such transfer, while directs recipients for viewing an associated .pdf document hosted on an outside Web-address. But, on clicking the given web-link, no document emerges rather users, through condensed URLs, get diverted till they reach a site with a drive-by download.

Elaborating on the above e-mail scam, Symantec stated that criminals had obfuscated nearly the whole content of the spam while placing it within a lone massive HTML "DIV" (divides a web-page into different parts) component, concealed with a sequence of Cascading Style Sheets. And whilst any Web-browser displayed the web-page, the content was de-obfuscated with a JavaScript that executed additional JavaScript for leveraging attack codes. The page tried many attack codes, including those aiming at Java and PDF, while also utilized one Windows-Help-Center attack code for pulling down additional malware, the security company noted. Symantec.com published this during the 1st-week of July 2011.

Additionally, Symantec states that there's the use of few hundred distinct condensed URLs for establishing a connection with the said malware. Also, the company anticipates greater utilization of this method by malware-writers later on.

Meanwhile, with such spam runs being so malicious Symantec recommended end-users that they should maintain every software item of theirs up-to-date so that they didn't get victimized with drive-by downloads. Moreover, according to the company, there were e-mail client and browser extensions which of their own expanded condensed URLs; hence those resulting in other URL-condensing utilities mustn't be relied upon.

Eventually, with the identification of the above mentioned e-mail spam it's yet again evident that distributors of spam mails have started developing own URL-condensing utilities, something that Symantec, within its May 2011 report, indicated.

Related article: Sentence for American Contractor for Sabotaging Government Navy Computers

ยป SPAMfighter News - 14-07-2011

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Exchange Anti Spam Filter
Go back to previous page
Next