Archive | Spammers & Scammers


20 May 2009 | 5,637 views

Google Poisoning Attack Gumblar Still Causing Problems

I thought this would have been stamped out by now, but sadly it’s still going on. With the advent of cheap web hosting and easy to use CMS systems like WordPress more and more people are managing their own websites (gone are the days of Geocities). More people with websites means more FTP details to [...]

Continue Reading


05 May 2009 | 5,231 views

Torpig Botnet Hijacking Reveals 70GB Of Stolen Data

We did mention Torpig in passing back in January 2008 when talking about the Mebroot rootkit which digs down deep into the Master Boot Record. It seems like Torpig has been pretty active since then and the latest break is that some security researchers have managed to infiltrate the botnet and collect some data on [...]

Continue Reading


23 April 2009 | 4,045 views

Spammers Recover from McColo Shutdown – Spam Back To 91%

You might remember back in November last year Spam ISP McColo was Cut Off From the Internet and there was a fairly drastic drop in spam e-mail traffic. Well it looks like the spammers have got their acts back together as spam levels are back up to 91% of their previous volume. Having McColo shut [...]

Continue Reading


20 March 2009 | 5,479 views

Indian Credit Card Fraud Exposed – Linked to Symantec

In a recent undercover sting the BBC has uncovered some unscrupulous Indian chaps selling valid UK credit card details, the kicker to the story is the fraud is linked to Symantec as the people being defrauded had all recently bought Norton subscriptions. I guess it’s hard to control a 3rd party call center though and [...]

Continue Reading


18 March 2009 | 5,487 views

New Conficker Variant More Aggressive

Conficker has gotten quite a lot of news recently with it growing so fast and Microsoft offering a bounty for the authors. It seems like the Conficker authors are really serious about retaining control of their botnet and expanding it further without hindrance from the companies trying to stop them. It’s quite likely they are [...]

Continue Reading


16 March 2009 | 5,384 views

BBC Unleashes Botnet For ‘Investigation’

The BBC has made an odd move recently by buying/seeding a botnet of 22,000 computers under the guise of investigative journalism. They claim it’s not illegal as they caused no harm and only sent spam to e-mail accounts used by themselves. Technically I think it’s still breaking the law under the Computer Misuse Act but [...]

Continue Reading


15 January 2009 | 12,043 views

Next-Gen Botnets Taking The Place of Storm and Srizbi

Back in November there was a considerable drop in Spam when Spam friendly ISP McColo was cut off from the Internet by it’s upstream peer. Srizbi worm was pretty smart though and was picking up again by the end of November. Later in the year the botnets were somewhat neutralised leading to a huge drop [...]

Continue Reading


13 January 2009 | 3,804 views

Fake CNN Site From Phishing E-mail Serves Trojan

The latest Phishing E-mails going round are leveraging on people’s need to digest the latest information, in this case about the Israel-Hamas conflict. They set up a fake CNN site which prompts you to upgrade your flash player to view the video, of course it’s not Flash but a Trojan targeting your sensitive financial information. [...]

Continue Reading


26 November 2008 | 3,575 views

Spam Back on the Rise with Srizbi Resurrected

After McColo was partially disconnected from the Internet by it’s peers global spam dropped noticeably. It seems however that the spam was emanating from a zombie network and the control servers were hosted by McColo, the creators of the botnet (Srizbi) were smart about it though and built a fail-safe system into the the malware. [...]

Continue Reading


17 November 2008 | 5,715 views

Spam ISP McColo Cut Off From the Internet

You might recall we reported a while ago about ‘spam friendly’ ISP Intercage coming back online after having their plug pulled by upstream provider UnitedLayer. They pledged to clean up their act though and drop their biggest client who was an Eastern European malware and phishing host. This time another ISP has been suspected of [...]

Continue Reading