Sophos

Beyond the botnet

As reported by Shara Grifenhagen over at Commtouch, spammers for the last week have been abusing not only Google Docs (again) but also what appears to be a “recommend this to a friend” mechanism at ZDNet’s web site, somehow finding a way to launch a variety of campaigns via CNET’s mail servers (216.239.112.0/20):
SampleReceived2

Here is a related sample posted to NANAS indicating others are seeing the same issue.

As the Commtouch blog described, the spammers are sending med spam via Google Docs links:

SampleCNETGoogleDoc2

In addition to the increasingly rare “Pump and Dump” stock spam:

SampleCNETStock2

And even “Pills by Phone” med spam:
SampleCNETPillsByPhone2

These messages have been hitting our traps intermittently between the 12th and 16th of January. We notified CNET’s abuse department last Friday but have received no response (besides an immediate auto-ack). Meanwhile, the campaigns stopped the same day, but the cause is unknown. Adam O’Donnell’s response to Shara on the ZDNet blog, though, may imply they’re still not aware of the real extent of the problem — either that or their abuse department doesn’t talk to their security bloggers…

With last year’s highly publicized take-downs of rogue hosting companies, and the allure of the positive reputation of senders like CNET, spammers have likely started thinking about life beyond the botnet. It’s clear even Internet technology leaders like CNET can’t afford to let their guard down in the fight against online crime.

