Dynamoo's Blog

Another spam, another " redret " domain. This time the spam is a "changelog" one, the malicious payload is on cjredret.r...

More spam pointing to a malicious web page at chredret.ru/main.php (after redirecting through a legitimate but hacked site), but this time ...

Another fake "contract" spam leading to malware, hosted on chredret.ru . Date:      Tue, 27 Dec 2011 06:06:18 +0700 From:      ...

More NACHA spam, this time pointing to cgredret.ru ( which we've seen before ) which delivers a malicious payload. Date:      Thu, 22 ...

The spam tsunami continues, this one is a reworking of one seen last month , but with a new payload site. Date :      Wed, 21 Dec 2011 06:...

These are another part of the "redret" series of malware sites being promoted by spam, and are worth blocking proactively. 1 09....

Yet more BBB spam, this time with a different malicious domain - curvechirp.com, hosted on 184.171.248.47 at TMZHosting LLC, Florida. This r...

Yet more BBB themed malware spam this morning, bouncing through a couple of hacked servers to a malicious payload on curcandle.net ( 174.13...

More malware domains to block, being promoted through malicious spam emails: 89.208.34.116   (Digital Network JSC Russia aka DINETHOSTING....

Another set of "Redret" domains, the b*redret.ru series is used in malware distribution. It has some new IP addresses since the la...

These "Redret" domains serve up malware and are promoted by spam, some of them have moved around since last week so consider this...

Here's another BBB Spam leading to malware.. Date :      Tue, 20 Dec 2011 11:45:50 +0100 From :      "BBB" [support@bbb.org...

This is a fairly common malware spam, pointing to malicious code on cfredret.ru/main.php . Date :      Tue, 20 Dec 2011 05:42:20 +0300 Fr...

More BBB spam, this time attempting to deliver users to a malicious payload on blumtam.com . A couple of samples: Date:      Tue, 20 De...

This DHL themed spam leads to malware: From : DHL Express Sent : 19 December 2011 10:03 Subject : DHL Express Dispatch Confirmation Or...

More FDIC spam leading to malware, this time at splatstack.net . Date:      Mon, 19 Dec 2011 05:32:49 -0600 From:      "Greta Bulloc...

This is another take on RockSmith Management scam, linked to these dodgy work-at-home sites , apparently with an Australian connection. D...

Yet another round of fake NACHA spam leading to malware is doing the rounds, this time the payload is on ragsnip.com/main.php?page=111d937ec...

More NACHA spam is doing the rounds, this time redirecting through a legitimate hacked site to ragsnub.com/main.php?page=69dbd5a1e3ed6ae9 o...

More NACHA themed spam this morning that redirects victims through a hacked legitimate site to a malware laden page, this time hosted on evr...