Malevolent E-mail Spam Mimics Twitter Template

Security investigators from M86 Security a security company warn that a spam run is doing the rounds while attacking Twitter members with one fresh tactic that's sending a Tweet template within an unsolicited spam mail.

Remarking about this new malicious e-mail scam, Lead Security Investigator Phil Hay of M86 Security stated that although there were variations in the spam messages' captions, the majority of the subject lines related to the recent unfortunate incidences that occurred in Japan. Infosecurity-magazine.com published this on March 18, 2011.

Hay further stated that one e-mail's web-links took users onto a site, which supported a disguised hostile JavaScript that aimed at abusing a Java flaw. If the links were clicked through, it resulted in the immediate compromise of the host PC that was then incorporated into a botnet, while a rogueware was planted.

The investigator continued that the unsolicited e-mails were being sent from a Cutwail spambot. According to him, the M86 investigators were able to acquire the format when they studied the command-and-control traffic of Cutwail that plainly revealed the Twitter format getting used.

In addition, Hay stated that as social networking grew, spammers were being observed to increasingly utilize bogus 'notifications.'

Worryingly, it isn't merely M86 Security, which's telling of the above e-mail scam. For, Sophos another security company too said that spam mails with harmful web-links were circulating online while pretending to be Twitter notifications.

The sites those web-links connected to, carried harmful JavaScript that Sophos identified as Troj/JSAgent-P, as well as a Java Applet, identified as Troj/JavaDl-BL. These trojans aimed at abusing vulnerability namely CVE-2010-0840 within the Java Runtime Condition, stated Senior Technology Consultant Graham Cluley at Sophos through a personal blog post dated March 17, 2011.

Highlight the researchers at both M86 and Sophos that cyber-criminals and scammers profusely take advantage of natural calamities for example the recent tsunami and earthquake across Japan, with an aim to infect PCs and churn money.

Conclusively, they once again advise users for deploying the most recent security updates, maintaining an up-to-date anti-virus program, and visiting only authorized news websites while searching for information regarding the Japan calamity.

Related article: Malevolent RTF Files Drop Trojan Via Abuse of Office Vulnerability

» SPAMfighter News - 3/30/2011