Sponsored by..

Monday 28 May 2012

Amazon.com spam / anarodas.net

Perhaps I spoke too soon about the quietness on the malware spam front. Here's a spam pretending to be from Amazon.com leading to malware on anarodas.net:

From: digital-no-reply@amazon.com [mailto:Amazon.com]
Sent: 25 May 2012 19:02
Subject: Your Kindle e-book Amazon.com receipt.

Thanks for your order, XXXXXXX!
Did you know you can view and edit your orders online, 24 hours a day? Visit Your Account.
Order Information:
E-mail Address:  XXXXXXX
Billing Address:
Jerry Vance
503-8878 Vel Avenue
United States
Phone: 614-361-9914   
Order Grand Total: $ 54.99


Earn 3% rewards on your Amazon.com orders with the Amazon Visa Card. Learn More

Order Summary:
Order #:     T29-2192561-6011996
Subtotal of items:     $ 54.99
Total before tax:     $ 54.99
Tax Collected:     $0.00
Grand Total:     $ 50.00
Gift Certificates:     $ 4.99
Total for this Order:    $ 54.99

The following item is auto-delivered to your Kindle or other device. You can view more information about this order by clicking on the title on the Manage Your Kindle page at Amazon.com.
Mockingjay (The Final Book of The Hunger Games) [Kindle Edition] $ 54.99
Sold By: Random House Digital, Inc.

You can review your orders in Your Account. If you've explored the links on that page but still have a question, please visit our online Help Department.
Please note: This e-mail was sent from a notification-only address that cannot accept incoming e-mail. Please do not reply to this message.
Thanks again for shopping with us.
Earth's Biggest Selection
Prefer not to receive HTML mail? Click here

The malicious payload is on [do not click]anarodas.net/xor/index.php?showtopic=249281 (report here). The site is hosted on the familiar IP address of which is an ADSL line in Cairo.

No comments: