Federal Reserve Spam

hellkyng · **Joined:** Thu Jun 17, 2010 5:37 pm **Posts:** 18

There has been a fairly well documented recent batch of Federal Reserve spam/phish being sent out. As documented here: http://garwarner.blogspot.com/2011/03/federal-reserve-spam.html

I never found an active domain while it was going on (GoDaddy did a nice job of cleaning the malicious domains), but from what I understand it was dropping some banking trojans. Does anyone happen to know which trojan specifically it was dropping? Or does anyone happen to have a copy of the malware, unfortunately I find myself needing to dig into this specific incident.

Thanks,
Helly

Volksjaeger · **Joined:** Thu Dec 25, 2008 8:39 pm **Posts:** 786

From the previous incident of this type "Nacha":
[url] http://www.computersecurityarticles.inf ... d-to-zeus/
[/url]

NotBuyingIt · **Joined:** Sun Jun 13, 2010 5:22 pm **Posts:** 528

(I deleted my remark because I decided that it was irrelevant to this thread. It is errie to see "Entireweb [spider] browsing this forum" as I edit.)

AlphaCentauri · **Joined:** Thu Mar 01, 2007 3:01 am **Posts:** 5915

NotBuyingIt wrote:

It is errie to see "Entireweb [spider] browsing this forum" as I edit.)

Yeah, since we realized we could add additional user agents besides Yahoo and Google, it's pretty amazing how many of our guests are actually bots. I didn't realize Alexa = Internet Wayback Machine, either.

moranned · **Joined:** Fri Nov 19, 2010 10:42 pm **Posts:** 1

these attacks continue unbated. the most recent occurred on 2011-04-22 and spoofed NACHA.

the attacks all follow the same patterns and all drop Zeus 2.1.

InBoxRevenge KS Forum

Federal Reserve Spam

Who is online