MSNBC Breaking News replaces CNN Spam Wave

Computer Help and Discussions Windows Security
1
But what if your trusted news delivery mechanism is the bad guys new delivery malware delivery mechanism? By imitating legitimate emails, criminals have built up a network of more than 250,000 spam-sending machines. Up until 2:12 AM today CNN had been the primary target, and we received CNN Alerts, at rates peaking as high as a dozen per minute. At 2:12 AM, the CNN campaign stopped.

Beginning at 3:15 AM today, August 13th, the UAB Spam Data Mine began receiving emails with news headlines in them that claimed to be from MSNBC. We're now receiving several each minute, with more than 500 archived already this morning. Here's the first one we received:

Article

2

Just got mine Humpty. I've said it before, some poor soul will open it.

8b18cf92a017.jpg

3

I haven't gotten junk mail in at least 2 years. Probably longer. Zero junk mail. Zero spam.

I feel so left out.

4

Send me your email address, and I'll forward it on :)

5

Nooooo thank you. :P

6

I received a few and reported it to hpHosts:

http://forum.hosts-file.net/viewtopic.php?...d=a&start=9

Also:

http://isc.sans.org/diary.html?storyid=4879

7
ALERT: malvertizements utilizing computer clipboards (copy and paste).

An interesting comment was posted to my blog today - the commentator said:

"...I had my clipboard go crazy last night, and I knew right away, because I write clipboard software (ClipMate) and so I was able to "hear" the clipboard events. This thing was posting more than once a second - overwriting the clipboard with their silly URL. I think they hope that people inadvertently paste it into blog posts, comments (like this one), e-mail, and such.

I have posted my findings here:

http://www.thornsoft.com/phpBB2/viewtopic.php?t=3567"

Another person complains of the clipboard problem - you can see the discussion here:

http://forums.devnetwork.net/viewtopic.php...48&p=477521

And here, somebody who accidentally pasted a fraudware URL into a comment:

http://boards.msn.com/MSNBCboards/thread.a...aram=Page%3D983

http://msmvps.com/blogs/spywaresucks/archi...09/1644062.aspx
8

Things seem a bit hot out there at the moment.

9

I've gotten both!!! Holy crap!

msnbcspamri4.th.jpg

AJ

10

Sorry for the double post... but I think I found the next big spam email.

morespamjf1.th.jpg

AJ