Sponsored by..

Tuesday, 6 December 2011

"Epidemic in Guinea" spam / curedret.ru

An interesting twist on malware spam:

Date:      Tue, 6 Dec 2011 10:19:25 +0530
From:      "MARIE Grover" [victimname@hotmail.com]
Subject:      Re: Epidemic in Guinea

The government is hiding this fact, but there is a new epidemic in Guinea

I got to know it from friends of mine, they are there right now. Here you can find the instruction what to do not get infected

Read it! 

Perhaps the spammers have a sense of irony, because if you click the link you get directed to a legitimate but hacked site and then bounced to curedret.ru on which attempts to load the Blackhole Exploit kit. This belongs to Digital Networks CJSC (aka DINETHOSTING) in Russia.. blocking the entire range is probably a very good idea as this block is full of malicious sites. The Wepawet report for this page is here.

There are a whole bunch of these c*redret.ru sites, at the moment the following are active on this IP address:


Update: these are coming in for several different countries, payload appears to be the same:

Epidemic in Alabama
Epidemic in Austria
Epidemic in Bangladesh
Epidemic in Belgium
Epidemic in Bermuda
Epidemic in Burkina Faso
Epidemic in Canada
Epidemic in Cape Verde
Epidemic in Chad
Epidemic in Chile
Epidemic in Costa Rica
Epidemic in Croatia
Epidemic in Gambia
Epidemic in Germany
Epidemic in Guam
Epidemic in Guinea
Epidemic in Hong Kong (China)
Epidemic in Indonesia
Epidemic in Iran
Epidemic in Ireland
Epidemic in Israel
Epidemic in Kazakhstan
Epidemic in Kentucky
Epidemic in Kuwait
Epidemic in Maine
Epidemic in Mali
Epidemic in Mayotte
Epidemic in Mexico
Epidemic in Monaco
Epidemic in Montana
Epidemic in Montserrat
Epidemic in New Mexico
Epidemic in Ohio
Epidemic in Oman
Epidemic in Pakistan
Epidemic in Pennsylvania
Epidemic in Russia
Epidemic in Saint Vincent and the Grenadines
Epidemic in Tokelau
Epidemic in Tunisia
Epidemic in Turkey
Epidemic in United Kingdom
Epidemic in United States
Epidemic in United States Virgin Islands
Epidemic in Utah
Epidemic in Wallis and Futuna
Epidemic in Wisconsin
Epidemic in Zimbabwe


TEA-Time said...

Add Epidemic in Seychelles to the list.

Anonymous said...

The entire eastern hemisphere is lined with trash, the best thing to do is block them all.