Dynamoo's Blog
Malware, spam, scams and random stuff, by Conrad Longmore.
Tuesday 10 September 2013
Are top porn sites still riddled with malware?
›
This summary is not available. Please
click here
to view the post.
1 comment:
BBB Spam / Case_0938818_2818.exe
›
This fake BBB spam has a malicious attachment: Date: Tue, 10 Sep 2013 15:07:14 +0100 [10:07:14 EDT] From: Better Business Bur...
Monday 9 September 2013
ygregistry.org domain scam
›
This Chinese domain scammers never give up, this scam has been seen several times before [1] [2] [3] [4] . From: Jim Bing [jim.b...
5 comments:
Malware sites to block 9/9/13, part II
›
Another set of IPs and domains related to this attack detailed by Sophos, and overlapping slightly with the malicious servers documented ...
Malware sites to block 9/9/13
›
These domains and IPs are associated with this gang , this list supersedes (or complements) the one I made last week . 1.209.108.29 (BOR...
Saturday 7 September 2013
Dealerbid.co.uk "Quotation.zip" spam with malicious VBS script
›
The website dealerbid.co.uk has been compromised and their servers hacked in order to send spam to their customer list. Something similar...
Friday 6 September 2013
"Scanned Document Attached" spam / FSEMC.06092013.exe
›
This fake financial spam contains an encrypted attachment with a malicious file in it. Date: Fri, 6 Sep 2013 15:19:37 +0000 [11:19...
CNN "The United States began bombing" spam / luggagepreview.com
›
This fake CNN spam leads to malware on luggagepreview.com : Date: Fri, 6 Sep 2013 11:30:57 -0600 [13:30:57 EDT] From: CNN [B...
Something evil on 37.59.164.209 (OVH)
›
37.59.164.209 is a server operated by OVH in France. It has many malicious domains hosted on it, indeed almost everything on it is flag...
Thursday 5 September 2013
Facebook spam / kapcotool.com
›
This fake Facebook spam leads to malware on kapcotool.com : From: Facebook [no-reply@facebook.com] Date: 5 September 2013 15:21...
Wednesday 4 September 2013
HSBC spam / Original Copy (Edited).zip
›
This fake HSBC spam links to a malicious ZIP file: Date: Wed, 4 Sep 2013 01:45:17 -0700 [04:45:17 EDT] From: HSBC Wire Advis...
PayPal spam / dshapovalov.info
›
This fake (and badly formatted) fake PayPal spam email leads to malware on dshapovalov.info : Date: Wed, 4 Sep 2013 08:33:25 -0500...
Something is very wrong with Gandi US (AS29169 / 173.246.96.0/20)
›
Recently I have been suggesting reader block quite a few individual IPs at Gandi in the US, but I hadn't noticed exactly how many IPs...
1 comment:
Something evil on 174.140.168.239
›
The server at 174.140.168.239 (DirectSpace Networks LLC, US) is currently hosting a large number of hijacked GoDaddy domains and is being ...
Facebook spam / watchfp.net
›
All this malware-laden Facebook spam is boring. Here's another one, leading to a malicious payload on watchfp.net : Date: Tue,...
Tuesday 3 September 2013
PayPal spam / londonleatheronline.com
›
This fake PayPal spam leads to malware on londonleatheronline.com : Date: Tue, 3 Sep 2013 09:43:09 +0400 [01:43:09 EDT] From: ...
1 comment:
Monday 2 September 2013
MONK spam tries to profit from WAR threat
›
The MONK (Monarchy Resources Inc) pump-and-dump spam continues. This time though, the spammers are trying to capitalise on the threat of ...
Facebook spam / london-leather.com
›
This fake Facebook spam leads to malware on london-leather.com : Date : Mon, 2 Sep 2013 19:59:52 +0300 [12:59:52 EDT] From : Fa...
‹
›
Home
View web version