Some of you might remember my last Pharma hack post, Intelligent (Pharma) SPAM Decoded, today I will spend some time looking a different variant of the same infection type but focus on a payload that is not encoded or embedded within an existing file, instead it resides in its own file – PHP5.php. “Hmm, maybe […]
This fake Facebook spam leads to a fake pharma site, but it could easily be adapted for malware. Date: Thu, 26 Apr 2012 09:33:46 -0700 From: “Facebook” [[email protected]] Subject: Welcome back to Facebook Hello, The Facebook account associated with xxxxxxxxxxx was recently reactivated. If you were not the one who reactivated this […]
This “LiveJournal” spam actually leads to a fake pharma site, but it could be adapted easily to deliver malware: Date: Sun, 22 Apr 2012 04:21:28 +0000 From: “LiveJournal.com” [[email protected]] Subject: Welcome to LiveJournal Congratulations! Thanks for creating a new journal at LiveJournal! Please click here to complete validation and set your primary […]
Latest Comments