Storm botnet delivers MP3 attachments that read pump-and-dump pitchSpammers started delivering spoken messages last night, the newest twist on the ongoing pump-and-dump scam, several security researchers said today.According to analysts, the spam is coming from the individual or gang responsible for the Storm Trojan, and is being sent from a piece of the Storm-built botnet that was recently split off from the core group of compromised computers.Around 17:30 (USA EDT) Wednesday, security vendors, including SecureWorks Inc. and MessageLabs Ltd. began noticing a wave of spam using MP3 audio file attachments to dupe recipients into investing in a penny stock. The spam run was still in operation as of noon (EDT) today, said Paul Wood, an analyst at MessageLabs, with the volume holding steady at about 10,000 messages per hour. “It’s been going on now for about 18 hours,” said Wood. “That’s pretty unusual.”
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9043242
http://computerworld.com.au/index.php/id;1948437951;fp;2;fpid;1Also see:Spammers’ new MP3 trick may be short-lived [IDG]
A variation of spam is sliding past spam filters into inboxes, but it’s not likely the new trick will be successful much longer, a security expert said Thursday.The spam messages, urging recipients to buy a stock, have an MP3 audio attachment but no subject line or text, said John Graham-Cumming, an antispam consultant and researcher who is based in France.
http://www.infoworld.com/article/07/10/18/Spammers-new-MP3-trick-may-be-short-lived_1.html
http://computerworld.com.au/index.php/id;504328614;fp;2;fpid;1