Threat Category: Spam and Phishing | Page 14

2014 sees two huge sporting events taking place: the football World Cup in Brazil and the Winter Olympic Games in Sochi. In November we mentioned a mailing exploiting the World Cup – the fraudsters disguising their scam as a lottery. In January the number of these kinds of mailings increased. The stories used in the

The Olympic Games are a huge event. And scammers are obviously going to try and exploit the interest they generate.

I have never bought a PlayStation and neither has my colleague Micha-san from Japan – well, in his case, at least not from Brazil. Nonetheless, we both received the same email notification: In this instance cybercriminals from Brazil have used a new, yet very strange technique – spreading Trojan bankers via .Jar files. I say strange because even if

The largest website in Sweden; Aftonbladet is spreading malware.

The XXII Winter Olympic Games officially get under way on 7 February. Of course, this major sporting event has not gone unnoticed by the spammers. The “Nigerian” scammers couldn’t resist either: at the end of January we received an interesting mailing from someone looking for a trustworthy person in Russia who they could transfer 850,000 euros to.

Letters about lottery wins are a standard trick used by “Nigerian” scammers. Very often, the author of such letters will explain that he is the happy winner of a multi-million lottery win, and he doesn’t know how to spend the unexpected windfall, and has decided to turn to philanthropy. Over the last few months, we

To complement the already mentioned findings, the same cybercriminal’s server contains additional interesting things but before mentioning them, I want to give a little bit more information about the email database used to spam victims to infect them with the Betabot malware. E-mail database How big is the list of email addresses to spam victims? It has

The storm of phishing and malware attacks using the theme of the World Cup continues. Brazilian cybercriminals decided to invest their efforts to spread fake giveaways and fraudulent websites selling tickets for the games at very low prices, tickets that in fact do not exist.

Any attempt to take advantage of a credit offer contained in a spam mailing may prove costly – and the problems can start as soon as you read the initial offer.

Mikhail Khodorkovsky, the former head of the Russian oil company YUKOS, was recently released from jail. There is a lot of speculation in Russia as to the reasons for his amnesty, while tabloids around the world are watching the ex-businessman’s every step. For ‘Nigerian’ scammers, the news was used as the basis for a tale

China is traditionally the leading source of spam in the world, and letters from numerous Chinese manufacturers, producing a huge variety of goods, are constantly present in spam traffic. In our October report we mentioned that these mailings are usually linked in some way to the most popular international holidays. And seeing as how January doesn’t really

Recently, though, we saw a series of messages persistently sent to the same email address. Apparently, the attacker’s main goal was to infect that computer – all emails, no matter what their headers were, contained Email-Worm.Win32.NetSky.q.

In December, we registered ‘Nigerian’ mailings exploiting the theme of Nelson Mandela’s death to trick users. The same topic is still inspiring spam mailings in January – but this time there are some differences in the content – the intro and the author’s signature. At first glance there seemed to be nothing in common between the emails.

Messages from bank workers or millionaires looking for someone to help them cash in huge sums of money are no longer capable of surprising us. Most of these emails are written in English, which has long been the language of international correspondence – it was unusual to ever see these kinds of messages written in

PDF Version The year in figures The proportion of spam in email flows was 69.6% in 2013, which is 2.5 percentage points lower than in 2012 The percentage of emails with malicious attachments was 3.2%, which is 0.2 percentage points lower than in 2012 32.1% of phishing attacks targeted social networks The greatest amount of

Reports

Kaspersky GReAT experts uncovered a new campaign by Lazarus APT that exploits vulnerabilities in South Korean software products and uses a watering hole approach.

MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

Kaspersky researchers analyze GOFFEE’s campaign in H2 2024: the updated infection scheme, new PowerModul implant, switch to a binary Mythic agent.

Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.

Spam and Phishing

The World Cup: Spammers Set Their Sights on Goal

Mobile Scammers Target Sports Fans

Encrypted Java Archive Trojan bankers from Brazil

Largest Website in Sweden Spreading Malicious Code

Scammers Heading to the Olympics

Millionaires Want to Share Their Money

Big Box LatAm Hack (2nd part – Email Brute-force and Spam)

World Cup: Fake Tickets, Fake Giveaways, Real Attacks

Spam Money Lenders: data theft, Trojans and other special features of ‘cheap’ loans

Black Gold, or a Black Hole in Your Pocket

Olympic Games: Made in China

Worm Attack! Your Mailbox is Under Threat

Mandela’s Millions

Nigerian Polyglots

Kaspersky Security Bulletin. Spam evolution 2013

Reports

Operation SyncHole: Lazarus APT goes back to the well

IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia

GOFFEE continues to attack organizations in Russia

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

Subscribe to our weekly e-mails