dra007 Posted December 31, 2006 Share Posted December 31, 2006 Anyone else deluged with Happy New Year Received: from source ([208.18.50.47]) by exprod7mx86.postini.com ([64.18.6.14]) with SMTP; Sat, 30 Dec 2006 23:17:51 PST Received: from kia ([149.240.92.109]) by smumuk with Microsoft SMTPSVC(5.0.2195.6713); Sun, 31 Dec 2006 01:14:36 -0600 Message-ID: <4597635C.5040106[at]arbiltek.com> Date: Sun, 31 Dec 2006 01:14:36 -0600 From: disapprove <gudujb[at]arbiltek.com> User-Agent: Thunderbird 1.5.0.9 (Windows/20061207) MIME-Version: 1.0 To: [at]imap.pitt.edu Subject: Happy New Year! Content-Type: multipart/related; boundary="------------080707030709030501020306" X-pstn-levels: (S: 0.05549/98.86690 R:95.9108 P:95.9108 M:97.0282 C:98.6951 ) X-pstnvirus: W32/Nuwar[at]MM X-pstn-settings: 5 (2.0000:2.0000) s gt3 gt2 gt1 r p m c X-pstn-addresses: from <gudujb[at]arbiltek.com> forward (good recip) [3773/146] -------------------------------------------------------------------------------- Date: Sun, 31 Dec 2006 01:14:36 -0600 From: disapprove <gudujb[at]arbiltek.com> To: [at]imap.pitt.edu Subject: Happy New Year! Attachments: application/x-msdownload; name="greeting postcard.exe" virus containing e-mails? Link to comment Share on other sites More sharing options...
GraemeL Posted December 31, 2006 Share Posted December 31, 2006 virus containing e-mails? Yes. It's been around for two or three days now. Securiteam information. SANS ISC information. Link to comment Share on other sites More sharing options...
dra007 Posted December 31, 2006 Author Share Posted December 31, 2006 Thanks, interesting to note: Kaspersky Lab has added detection on Thursday 28th Dec and several sources report about massive spam campaigns. The size of the .exe varies but the subject line is always same. Maybe no need to mention that this malware tries to terminate the processes of several AV and firewall utilities. ...I have been getting a 50-60% increase in spam these days as well as doezens of viruses. Spammers must love me...Good thing postini defangs the e-mails before I even see them.. Link to comment Share on other sites More sharing options...
Farelf Posted December 31, 2006 Share Posted December 31, 2006 Anyone else deluged with ...Happy New Year virus containing e-mails?Yep, see my example in VirusTotal, Multiple AV scanner Link to comment Share on other sites More sharing options...
StevenUnderwood Posted December 31, 2006 Share Posted December 31, 2006 Anyone else deluged with Happy New Year virus containing e-mails? I reported about a dozen of these this morning as caught by Postini. There is another thread around here with more information as well. Link to comment Share on other sites More sharing options...
daryn Posted January 5, 2007 Share Posted January 5, 2007 Thanks, interesting to note: ...I have been getting a 50-60% increase in spam these days as well as doezens of viruses. Spammers must love me...Good thing postini defangs the e-mails before I even see them.. My spam rates jumped from 80/day to 150/day in October with all the new pump and dumps and slowly crawled up to 200+/day (about 10/hr) until today.. today I'm getting well over 30/hr.. so I presume I have graduated to the 500/day club.. Spammers are almost making email useless... A parasite that kills the host is usually considered to be unsuccessful... Link to comment Share on other sites More sharing options...
dra007 Posted January 5, 2007 Author Share Posted January 5, 2007 My spam rates jumped from 80/day to 150/day in October with all the new pump and dumps and slowly crawled up to 200+/day (about 10/hr) until today.. today I'm getting well over 30/hr.. so I presume I have graduated to the 500/day club.. Spammers are almost making email useless... A parasite that kills the host is usually considered to be unsuccessful... Congratulations! I passed the 1000/day mark myself. A lot of the increase seems to be in russian originated or hosted spam, comparatively I see drop in the Chinese hosted spam...Perhaps they sold my address and moved on.... Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.