While we saw the Valentine’s day campaign start in January, it’s morphed. This time using the following approaches (some old, some new) raw IP addresses in the spam lures the filename is now “valentine.exe”, using a redirect and a clickable link much more simple HTML websites subjects include “Blind Love”, “Just You” and other warm [...]
Enabled by some spam samples Marshal provided, Joe Stewart and the good folks @SecureWorks, with an assist from Team Cymru and my|NetWatchman, have identified the malware and botnet referred to as Mega-D. It turns out Mega-D is composed of bots from the little-known Ozdok malware family. Joe provides some analysis on scale and distribution of [...]
Just to close the loop on this… Phil Hay from the TRACE team at Marshal got back to me yesterday afternoon regarding my query about Mega-D. He provided some clarifications on some of what he referred to as “misleading press reports”. Here’s a quick summary of his message: The TRACE team identifies and tracks spambots [...]