Spam Filtering

Spam Filtering News


Bogus E-mails Pretending to be Viber Circulating
*Spam Filter Service News for August 14, 2015

According to security researchers, an e-mail posing as Viber the messaging service's communication has been detected circulating as it attempts at duping unwitting Internauts, reported dated September 30, 2014. People who're recipients of the bogus electronic mail would find a message that there's one missed call they require taking as they're also prompted to follow one embedded web-link so they can hear the message. But, the e-mail isn't from Viber while the web-link too doesn't lead onto any missed voicemail missive rather it leads onto a hijacked site containing malware.

Anyone following the web-link would download a file which checks for the Internet Explorer browser as well as Microsoft Windows operating system on the machine. On finding the two, the website would download one zipped archive having one executable denoted with the .exe filename. And suppose this executable is run, it'll result in the infected PC joining a botnet called Asprox.

Subsequently, that PC, under the control of criminals, could load more malware. This additional malware would likely dig in user-passwords or other sensitive information from the affected PC. Besides, through the botnet, it may be possible for the crooks to utilize the PC for executing more spam campaigns or malware.

Notably, Asprox's controllers at first used the botnet for distributing huge volumes of spam; however, it was as well employed for scrutinizing online sites for security flaws, filching credentials as also executing click-fraud associated with Internet advertising. It was 2008 that Botnet Asprox came into being while since then its size has been changing with the number of bot-infected PCs added/subtracted to it. Therefore periodically, Asprox requires regenerating so it can have the required number of computers to perform various nefarious activities.

Microsoft observed that Asprox, in one of its activities, delivered the Upatre installer onto end-users' systems. FireEye the security company, during June 2014, found that Asprox dispatched a good 10,000 spam mails everyday. When there's an outbreak from the botnet spanning many days, there could be even 500,000 malware-lased e-mails served. Normally, Asprox's operators employ earlier hijacked servers for thrusting malicious software thus making it extremely hard for detecting the same.

RSS Link Subscribe to Spam News Subscribe