The Latest in IT Security

iTunes spam / mokingbirdgives.org

01
Dec
2012


This fake iTunes spam leads to malware on mokingbirdgives.org:

From:     iTunes itunes@new.itunes.com
To:     purchasing [purchasing@victimdomain.com]
Date:     30 November 2012 17:02
Subject:     Your receipt #16201509085048

Billed To:
%email%

Order Number: M1V008146011
Receipt Date: 30/11/2012

Order Total: $699.99
Billed To: Credit card

Item Number     Description     Unit Price
1     Postcard (View\Download )
 Cancel order  Not your order?Report a Problem     $699.99
Subtotal:     $699.99
Tax:     $0.00
Order Total:     $699.99

Please retain for your records.
Please See Below For Terms And Conditions Pertaining To This Order.

Apple Inc.
You can find the iTunes Store Terms of Sale and Sales Policies by launching your iTunes application and clicking on Terms of Sale or Sales Policies

FBI ANTI-PIRACY WARNING
UNAUTHORIZED COPYING IS PUNISHABLE UNDER FEDERAL LAW.

Answers to frequently asked questions regarding the iTunes Store can be found at http://www.apple.com/support/itunes/store/

Apple ID Summary ??????????¬?‚??  Detailed invoice

Apple respects your privacy.

Copyright ??????‚?© 2011 Apple Inc. All rights reserved

The malicious payload is at [donotclick]mokingbirdgives.org/less/demands-probably.php (report here) hosted on 184.82.100.201 (HostNOC, US) along with the following domains which also appear to be malicious:

jokolet5.cu.cc
revreka.cu.cc
kretaf.cu.cc
hoyerrr.cu.cc
xecomas.cu.cc
serawers.cu.cc
spaswers.cu.cc
retainedthumb.uni.me
safemessageassimilated.uni.me
fullblowntie.uni.me
confusetelltale.uni.me
fulltouchabandoning.uni.me
cuingdisinfecting.uni.me
mobilesitedisplaydizzying.uni.me
deadlinesorganizing.uni.me
consequencesaolcom.uni.me
areascompareran.uni.me
trusteunplugs.uni.me
rightsideconcoctions.uni.me
rearfacingisight.uni.me
starearnernot.uni.me
mokingbirdgives.org
germannewslinks.org
likoawdsdfzgage.dyndns-remote.com
syenial.com
amusicman.com
germannewslinks.com
fusioncaters.com
uqakanyd.ocry.com
u96s.info
germannewslinks.info
beardwithgofus.info
demonstrateddesktoplike.pro
thcenturysplitting.pro
stub.appartamentofirenze.net
germannewslinks.net
advert.apps-myups.net

Related posts:
  1. iTunes “Christmas gift card” / api.myobfuscate.com / nikolamireasa.com
  2. Apple is going all-out to bring advertisers to iTunes Radio
  3. Here’s one way Apple might make you care about iTunes again
  4. Apple is planning a major iTunes overhaul to stop it from getting crushed by Pandora
  5. iTunes Festival comes to US for the first time at SXSW

Tags:  
Written by Dynamoo's Blog
0 Comments

Leave a reply


Categories

SUNDAY, FEBRUARY 23, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments