Spammers Associated With Canadian Pharmacy E-Mails Start Fresh Spam Attacks

Latest news
Facebook Targeted with Valentine Attack Results in Malware FBI Likely Deployed Spyware for Surveillance on MegaUpload Cidrex Trojan Opens E-mail ids in ‘Yahoo,’ Uses CAPTCHA to secure them E-mail Supposedly Inviting to Conference, Serves Trojan Collaborated Effort towards Evading Spam

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
Amazon Accountholders get Fresh Phishing E-mail Enterprises Facilitated through Malware Circulation in Government Cyber-criminals Execute e-Payment Malware Assault Eleven Survey Rated Spam the Biggest E-mail Security Threat in Ten Years Websites Diverting End-users onto ‘Blackhole’ Increasing Within Russia: ESET

Trampolines usa

Spammers Associated With Canadian Pharmacy E-Mails Start Fresh Spam Attacks

Written by Administrator

Saturday, 07 August 2010 05:00

Researchers at Trend Micro the security company caution that spammers associated with Canadian Pharmacy junk e-mails are back into action as they've started launching more fresh malevolent spam schemes.

State the researchers that they're observing a fresh surge of phony pharmacy related junk messages that don't straight away canvass the bogus pharmacy website's URL inside the spam mail. Rather they canvass the URLs that lead onto HTML web-pages hosted on hijacked sites.

These HTML web-pages can be found at the hijacked sites' root area, whilst the redirectors for HTML help to obfuscate the ultimate web-page to which users are diverted. In the current instance, the ultimate page is the bogus pharmacy website notoriously called 'Pharmacy Express' or 'Canadian Pharmacy.' In reality the HTML pages serve as simple redirectors.

Hitherto, according to the researchers, these HTML redirectors are either META refresh directs alternatively JavaScript redirects.

They further say that the spammers appear to load JPEG images too that canvass different drugs within the hijacked Internet sites' root directory. Besides, the spammers include such images within their spam mails as well.

State the researchers that the latest spam campaign abuses a huge 1,000 fresh hosts, everyday. Nevertheless, as the attacked websites do not seem to be utilizing an identical kind of application, it's likely that no common security flaw exists that's getting exploited.

Meanwhile, an explanation considered most probable as to why the hijackings occur is the criminals' greed for FTP credentials that are plentifully available for black. Various PC Trojans are prevalent that steal sensitive information. In particular they attack FTP accounts. Trend Micro states that after such sensitive information are stolen, they're traded in mass for very low prices on illegal websites like with only $250 a bunch of 300,000 FTP logins that have been acquired via theft can be bought.

Moreover, the researchers, by studying a specimen spam mail from the current campaign substantiate that it has been sent from the well-known Rustock botnet. They therefore conclude that those responsible for this bulk website hack as also those operating the Rustock bot for spam are pretty closely associated, if not the same.

Read full article...