MALWARE SPAM – MARCH 2013
• Malicious SPAM is defined by me as any unsolicited email that contains a potential information security risk. This does not include the usual marketing newsletter emails. Only those for which there is not a prior affiliation and that make it into my mailbox.
| Month | Total # Received | Type - Viagra | Type - Job | Type - Green Card | Type - Banking | Type - LinkedIn | Type - Criminal Background Check | Type - Other | Malicious Link | Malicious Attachment | Attachment Type - .ZIP | Attachment Type - .DOC | Attachment Type - .PDF | Sent from malformed email header | Sent from compromised known contact | Contains my email address in "TO" field |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| Mar-13 | 10 | 0 | 0 | 0 | 0 | 0 | 1 | 9 | 10 | 0 | - | - | - | 7 | 0 | 2 |
MARCH 2013 – DETAILS – PAGE 1

| # | Date | Type | Malicious Link | Link Shortener | Link Masking | Link Host | Link Risks | Malicious Attachment | Attachment Type | Sent from malformed email header | Sent from compromised known contact | Listed Email Host | Real Email Host | Domain Proxy Service | Registration Information | Country Hosting Domain (IP) | Contains my email address in "TO" field |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 1 | 1/03/2013 | Cigarettes? | Yes | No | Yes - basic | amazonaws.com | | No | | Yes | No | yahoo.com | 41.142.76.222 | 41.142.76.222 - Yes (no Whois record) | 41.142.76.222 - Unknown, registered to block MAROC TELECOM (ISP) menara.ma | 41.142.76.222 - Morocco (MAROC TELECOM - ISP, menara.ma) | No (starhub.net.sg listed as recipient) |
| 2 | 2/03/2013 | Penile enlargements? | Yes | No | No | ydxa.org | | No | | Yes | No | yahoo.com | 91.210.101.79 | 91.210.101.79 - Yes (no Whois record); ydxa.org - Yes (DomainsByProxy.com) | 91.210.101.79 - Unknown, registered to block for UA-NETWORKING LTD (ISP) uanetworking.com (net-art.cz ?); ydxa.org - Unknown | 91.210.101.79 - UK (via uanetworking.com); ydxa.org - US (via bluehost.com) | No (no recipients listed) |
| 3 | 2/03/2013 | Crime warning | Yes | No | Yes - basic | amazonaws.com | | No | | Yes | No | yahoo.com | 62.244.130.100 | 62.244.130.100 - Yes (no Whois record) | 62.244.130.100 - Unknown, registered to block Netia Telekom S.A (ISP) | 62.244.130.100 - Poland (via Netia Telekom S.A. netia.pl) | No (yahoo.co.in listed as recipient) |
| 4 | 7/03/2013 | Cigarettes? | Yes | No | Yes - basic | amazonaws.com | | No | | Yes | No | yahoo.com | 81.24.208.123 | 81.24.208.123 - Yes (no Whois record) | 81.24.208.123 - Unknown, registered to block for NKTV Ltd (ISP) | 81.24.208.123 - Ukraine (via nktv.mk.ua) | No (yahoo.com listed as recipient) |
| 5 | 10/03/2013 | Cigarettes? | Yes | No | Yes - basic | amazonaws.com | | No | | Yes | No | yahoo.com | 93.147.117.200 | 93.147.117.200 - No, but Whois record points to ISP record (teletu.it) | 93.147.117.200 - registered to block for ISP teletu.it, Vodafone Omnitel N.V., Alicom s.r.l., http://www.tol.it, omnitel.it | 93.147.117.200 - Italy (via vodafone.it) | No (yahoo.com listed as recipient) |
| 6 | 15/03/2013 | Friend request? | Yes | No | No | funniest-pictures.com | | No | | Yes | No | hotmail.com | 184.168.152.26 | 184.168.152.26 - No; funniest-pictures.com - Yes (DYNADOT Privacy) | 184.168.152.26 - SECURESERVER.NET; funniest-pictures.com - Unknown, registered to block DYNADOT, LLC (ISP) | 184.168.152.26 - US (via SECURESERVER.NET & Go Daddy); funniest-pictures.com - US (via DYNADOT, LLC) | Yes (amongst many others) |
MARCH 2013 – DETAILS – PAGE 2

| # | Date | Type | Malicious Link | Link Shortener | Link Masking | Link Host | Link Risks | Malicious Attachment | Attachment Type | Sent from malformed email header | Sent from compromised known contact | Listed Email Host | Real Email Host | Domain Proxy Service | Registration Information | Country Hosting Domain (IP) | Contains my email address in "TO" field |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 7 | 21/03/2013 | Weight loss? | Yes | No | Yes - basic | amazonaws.com | | No | | No | No | yahoo.com | yahoo.com | | | | No (tpg.com.au listed as recipient) |
| 8 | 22/03/2013 | Weight loss? | Yes | No | Yes - basic | amazonaws.com | Performs File Modification and Destruction: The executable modifies and destructs files which are not temporary. Changes security settings of Internet Explorer: This system alteration could seriously affect safety surfing the World Wide Web. Performs Registry Activities: The executable creates and/or modifies registry entries. | No | | No | No | yahoo.com | yahoo.com | | | | |
| 9 | 23/03/2013 | Friend request? | Yes | No | No | evomerchantservices.org | | No | | No | No | yahoo.com | yahoo.com | evomerchantservices.org - No | evomerchantservices.org - J and S Productions LLC (jstmerchantservices.com) | evomerchantservices.org - US (via Global Net Access, LLC gnax.net) | No (no recipients listed) |
| 10 | 24/03/2013 | Unknown | Yes | No | No | | Performs File Modification and Destruction: The executable modifies and destructs files which are not temporary. Changes security settings of Internet Explorer: This system alteration could seriously affect safety surfing the World Wide Web. Performs Registry Activities: The executable creates and/or modifies registry entries. | No | | Yes | No | yahoo.com | 83.26.142.16 | 83.26.142.16 - Yes (no Whois record); sv-schaephuysen.de - | 83.26.142.16 - registered to block tpnet.pl (ISP) TELEKOMUNIKACJA POLSKA S.A., az.pl; sv-schaephuysen.de - STRATO AG | 83.26.142.16 - Poland (via TELEKOMUNIKACJA POLSKA S.A.); sv-schaephuysen.de - Germany (via STRATO AG, strato.de) | Yes (amongst many others) |
