Articles by Brett Cove
One week later: Rustock and Pharmacy Express still flatlined
Targeted webmail phishing attacks
Sue BP for damages resulting from the oil spill?
SophosLabs' global network of spamtraps is now seeing "snow-shoe spam" promoting litigation services against British Petroleum (BP) relating to the Gulf of Mexico Oil Spill disaster. They are targeting anyone who may be negatively affected by the oil spill, and Read more…
CNNIC changes have effect on spam tactics
As was announced on Dec 11th, CNNIC (China Internet Network Information Center) now requires a "formal paper based application material when making the online application to the registrar." The motivation behind this seems more related to cracking down on porn Read more…
Spam for the visually impaired
Starting at ~3:20pm GMT today, Canadian Pharmacy spammers began using attached MP3 files as the call-to-action for their latest campaign. The message had no subject, no "text" body content, just an attached "audio/mpeg" file with a random lower case file Read more…
Conficker Infection Alert!!
With all the hype around Conficker recently, it should come as no surprise that scammers are using this highly publicized threat to attempt to spread more malware. We've been seeing spam spreading fake AV malware for quite some time, typically Read more…
Beyond the botnet
As reported by Shara Grifenhagen over at Commtouch, spammers for the last week have been abusing not only Google Docs (again) but also what appears to be a "recommend this to a friend" mechanism at ZDNet's web site, somehow finding Read more…
My spam run is bigger than your spam run
For the past two weeks SophosLabs have been monitoring a specific spam campaign employing thousands of shocking subject lines, and a link to one of thousands of compromised hosts serving up malware. This campaign has also changed the filename the Read more…
Critical Microsoft update via Amazon EC2?
This past weekend a fairly typical malware campaign started to arrive on our global network of spam traps, using the common technique of disguising itself as an "Important Windows Update". Its characteristics are mostly what you would expect from spammed Read more…
April Fools Dorf
April Fools Day is an opportunity for many to play practical jokes on each other. Unfortunately it's not just harmless pranks, but malware authors are also jumping on the bandwagon. Those behind the "Dorf" malware have decided to make use Read more…
Side of spam with your Dorf?
As we've blogged about previously, the current form of the constant flood of Dorf spam has been taking advantage of Valentine's Day which is quickly approaching. An interesting twist observed by SophosLabs this week is the same IP addresses used in Read more…
Return Of The Dorfs: A Christmas Special
Today spamtraps monitored by SophosLabs received samples of a malware campaign spammed out using the combination of the holiday season, and the promise of a "Personal Holiday Strip Show" in an attempt to infect computers. The format of the messages Read more…
Become an honourable "Donation Collector"
In SophosLabs, we constantly observe a steady stream of money mule/Nigerian scam campaigns. Usually these emails offer some part-time position to "process money from our overseas customers" or that some grant/prize money from a charity/lottery is coming along. Today however, Read more…
US Presidential candidate spamming?
We all know most involved in politics use email as a method to fund-raise, communicate with their supporters, garner more support, etc. More often than not, these parties send to lists mostly consisting of people that asked for their mail Read more…
PDF spam no more?
Over approximately the past 2 months, PDF spam has exploded from a little-used technique to making up close to 30% of all spam being sent during its peak (averaged daily). Due to spammers adjusting their campaigns, the volume of Read more…
4th of July Ecard
The current trend of spreading malware via "Ecards" (greeting cards that can be sent and read online via email) continued in huge volumes today (As previously reported here: A not so friendly Ecard, and here: Ecards continue to flood in). Read more…
Bogus Microsoft Security Bulletin
A highly targeted fake Microsoft Security Bulletin is being spammed out today. The campaign is attempting to appear as a notification for a new "0-day vulnerability" for Microsoft Outlook, but in reality its purpose is to install a Windows-based Trojan. Read more…
Endless phish targets
With widespread adoption of accurate spam filters, improved public awareness, and most big financial institutions implementing improved online security features, scammers are being forced to adjust their tactics. One such tactic SophosLabs is seeing is a consistent flow of new brands being targeted in phishing Read more…

