Wednesday, 9 November 2016

Malware spam: "Account temporarily suspended" leads to Locky

This fake financial spam leads to Locky ransomware: From :    Nicole Roman Date :    9 November 2016 at 10:44 Subject :    Account temp...

Malware spam: "Your Amazon.com order has dispatched" leads to Locky

This summary is not available. Please click here to view the post.
1 comment:
Tuesday, 8 November 2016

Malware spam: "Suspicious movements" leads to Locky

This fake financial spam leads to Locky ransomware: Subject :     Suspicious movements From :     Marlene Parrish Date :     Tuesday,...

Malware spam: "Statement" leads to Locky

Another terse fake financial spam leading to Locky ransomware: Subject :     Statement From :     accounts@ somedomain.tld Date :    ...
Monday, 7 November 2016

Malware spam: "Financial documents" leads to Locky

The never-ending Locky ransomware onslaught continues. This fake financial spam has a malicious attachment: Subject :     Financial doc...
Thursday, 3 November 2016

Malware spam: "!!! Urgent payment request" from random senders leads to Locky

This spam comes from random senders, the name in the "From" field always matches the fake email signature. The number of exclama...

Moar Locky 2016-11-03

I haven't had much time to look at the Locky runs overnight, but here is a data dump of download locations and C2s (at the bottom) fro...
Wednesday, 2 November 2016

Malware spam: "Companies House - new company complaint" / noreply@companies-house.me.uk / noreply@companieshouses.co.uk leads to TrickBot

This fake Companies House spam leads to TrickBot malware : From :    Companies House [noreply@companieshouses.co.uk] Date :    2 Novemb...
Tuesday, 1 November 2016

Malware spam: "New Fax Message" / administrator@local-fax.com leads to TrickBot

This fake fax leads to TrickBot which appears to be similar to the Dyre banking trojan that we saw a lot of last year.. From :    Admi...
1 comment:

Malware spam: "This is to inform that the transaction you made yesterday is declined." leads to Locky

This fake financial spam leads to Locky ransomware: Subject :     Transaction declined From :     Chandra Frye Date :     Tuesday, 1 ...
Monday, 31 October 2016

Malware spam: "Wrong tracking number" leads to Locky

This spam email leads to Locky ransomware: From     "Samuel Rodgers" Date     Mon, 31 Oct 2016 15:21:22 +0530 Subject     W...
Friday, 28 October 2016

Malware spam: "Payment history" leads to Locky

Another morning, another spam run pushing Locky ransomware: Subject :     Payment history From :     Theodore Wilkins Date :     Frid...
Thursday, 27 October 2016

Moar Locky 2016-10-27

Lots of Locky today, here are some additional download locations for those naughty .wsf scripts. 139.162.29.193/g67eihnrv 1water.com.au/...

Malware spam: "E-TICKET 41648" leads to Locky

More Locky ransomware today.. From     "Matthew standaloft" Date     Thu, 27 Oct 2016 15:20:27 +0530 Subject     E-TICKET 416...

Malware spam: "This is from the Telephone Company to remind you that your bill is overdue." leads to Locky

This fake financial spam leads to Locky ransomware: Subject :     Bill overdue From :     Alexandria Maxwell Date :     Thursday, 27 ...
Wednesday, 26 October 2016

Malware spam: "Your order has been proceeded." leads to Locky

This curiously worded spam email leads to Locky ransomware: Subject :     Your order has been proceeded From :     Elijah Farrell Date ...

Malware spam: "Western Union Help Desk" / "Proof" leads to Adwind

Just by way of a change, here's some malspam that doesn't lead to Locky.. From :    Western Union Help Desk [mes@prosselltda.cl...
Tuesday, 25 October 2016

Malware spam: "Blank / Document / File / Image / img / IMG / Pic / Picture / Scan Data" leads to Locky

Perhaps minimalist spam works better, there is currently a Locky spam run with on of the subjects Blank / Document / File / Image / img / ...
Monday, 24 October 2016

Generic email phish tries to bamboozle with jargon

This phishing spam tries to confuse potential victims by throwing legitimate-looking jargon around. From: Postmaster [mailer-daemon@mail...

Malware spam: "Complaint letter" leads to Locky

This spam leads to Locky ransomware: From     "Justine Hodge" Date     Mon, 24 Oct 2016 19:27:53 +0600 Subject     Complain...