Anti-Spam Appliance spammed: the protectors need protecting too

20 Apr 2007

minute read

Authors

Michael Molsner

A range of cases show that compromised computers can be found in almost any field of business. We have seen phishing pages hosted on school and university sites as well as banking and government websites. This week we came across a rather rare case of a Paypal phishing scam planted on a machine apparently belonging to a provider of IT security solutions.

This is one of the many examples that show that even if a network is maintained by qualified specialists, you can’t let your guard down for a minute.

Of course we notified the company the minute we discovered the glitch and 8 hours later the phish had been removed.

Incidentally, the phishing setup contained “Trojan-Spy.HTML.Paylap.hp” as well as “Trojan-Spy.HTML.Paylap.hn”, both of which are detected by Kaspersky products since January 2006.

Authors

Michael Molsner

Anti-Spam Appliance spammed: the protectors need protecting too

Latest Posts

Latest Webinars

Reports

We continue to report on the APT group ToddyCat. This time, we’ll talk about traffic tunneling, constant access to a target infrastructure and data extraction from hosts.

New unattributed DuneQuixote campaign targeting entities in the Middle East employs droppers disguised as Total Commander installer and CR4T backdoor in C and Go.

In this report Kaspersky researchers provide an analysis of the previously unknown HrServ web shell, which exhibits both APT and crimeware features and has likely been active since 2021.

Asian APT groups target various organizations from a multitude of regions and industries. We created this report to provide the cybersecurity community with the best-prepared intelligence data to effectively counteract Asian APT groups.

Anti-Spam Appliance spammed: the protectors need protecting too

GReAT Ideas. Balalaika Edition

GReAT Ideas. Green Tea Edition

GReAT Ideas. Powered by SAS: malware attribution and next-gen IoT honeypots

GReAT Ideas. Powered by SAS: threat actors advance on new fronts

GReAT Ideas. Powered by SAS: threat hunting and new techniques

TGIF(P) – Thank god it’s fried phish

AVAR 2014 – Australia

CeCOS VIII – Hong Kong

SyScan 2014

CODE BLUE in Tokyo

QR codes in email phishing

Phishing with hacked sites

Email crypto phishing scams: stealing from hot and cold crypto wallets

How scammers employ IPFS for email phishing

Mass email campaign with a pinch of targeted spam

Latest Posts

Using the LockBit builder to generate targeted ransomware

XZ backdoor story – Initial analysis

DinodasRAT Linux implant targeting entities worldwide

Android malware, Android malware and more Android malware

Latest Webinars

The Future of AI in cybersecurity: what to expect in 2024

Responding to a data breach: a step-by-step guide

2024 Advanced persistent threat predictions

Overview of modern car compromise techniques and methods of protection

Reports

ToddyCat is making holes in your infrastructure

DuneQuixote campaign targets Middle Eastern entities with “CR4T” malware

HrServ – Previously unknown web shell used in APT attack

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Subscribe to our weekly e-mails