Spammers Disturbing Malware through Dropbox’s URLs
Spammers are abusing a Dropbox feature to push both malware and pharmaceuticals that permit users with the file sharing advantage through a shortened link, and taking people to the website selling questionable pharmaceutical, as per security vendor, Symantec.
Dropbox, the file sharing and synchronization service, comprises of a public folder for sharing content dedicatedly. The uniform resource locater (URL) of Dropbox can be employed towards creating links. Dropbox accounts integrate a public folder, where files are publicity placed and therefore available. This function turns out to be advantageous for spammers, for it efficiently turns dropbox into free hosting sites. However, spammers have often abused the URL shortening and free of cost hosting sites for some time.
In fact, spammers have produced a number of Dropbox accounts, uploading an image, and a simple .html file, and finally employing the image to connect a pharmaceuticals site.
Symantec recognized more than 1,200 spammy drop box URL's in use over a 48 hour time-period. Spammers upload image links to a questionable drop box account. The images uses simple html to redirect users to the typical Canadian pharma scam-sites.
Another social networking site Twitter has also initiated its own shortening service and as a precautionary measure resolves the link to find out if it's been reported for being malicious or not. However, Twitter's URL shortener will display the target link when users will linger around the mouse over the link, and gain an idea of their proceedings.
Meanwhile, researchers at Symantec recently viewed a malware posing to be a Brazilian Portuguese spam message in the pretext of containing photos and seeking permission for posting them onto a social networking site. The links provided in the e-mail poses to be Trojan hosted on dropbox.
Although dropbox is a high-profile site, cyber crooks always aim at all sorts of sites irrespective of size big or small. A variety of activities are conducted by the site to deal with such maltreatment, though in some instances this work is often viewed as a low priority work, regardless of the damage caused by such abuse. However, Symantec confirmed about Dropbox showing their concern for the security for their users.
Related article: Spammers Continue their Campaigns Successfully
» SPAMfighter News - 20-03-2012