
August 13, 2008

Beware of Nicole Kidman Scandal Tape Malware Distribution Spam Mail

Filed under: Internet security — Administrator @ 12:28 pm






TOKYO (MacHouse) - More than 3 hours ago, an organized cyber criminal group sent out a spam message titled "Last news for Ivory Howe." (See Screenshot 01.) The body of the message is very simple. It only says:






Nicole Kidman Scandal Tape. See now!






with an underlying link to http://www.familie-mueller-koeln.de/newfolder/update.php. As you may guess, the destination of the link has nothing to do with a Nicole Kidman scandal of any sort. The website at the destination has apparently been hacked to host a file that does contain malware. If you have received a similar spam message, you are therefore advised to trash it without clicking on the link.





Screenshot 01 - Source: MacHouse
Screenshot 02 - Source: www.familie-mueller-koeln.de
Screenshot 03 - Source: MacHouse






If you visit the web page at the underlying link in the message, you will be immediately forced to download a file titled name.avi.exe. (See Screenshot 02.) According to Sophos Anti-Virus, this suspicious file contains malware, which they call Mal/EncPk-CZ. (See Screenshot 03-5.)
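The file name name.avi.exe puts a video extension in front of the real executable one. The following is an added example, not part of the original post: a check a download proxy or mail gateway could run to flag that pattern. It assumes the forced download arrives with a Content-Disposition header; the extension lists and sample headers are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Assumed extension lists for illustration; tune them for your environment.
EXECUTABLE = {"exe", "scr", "pif", "com", "bat", "cmd", "vbs", "js"}
DECOY = {"avi", "mpg", "mpeg", "wmv", "mp3", "jpg", "gif", "pdf", "doc", "txt"}

def filename_from_disposition(header):
    """Return the filename in a Content-Disposition value, or None."""
    # RFC 5987 form: filename*=charset'lang'percent-encoded-name
    m = re.search(r"filename\*\s*=\s*[^']*'[^']*'([^;]+)", header, re.I)
    if m:
        return unquote(m.group(1).strip())
    m = (re.search(r'filename\s*=\s*"([^"]*)"', header, re.I)
         or re.search(r"filename\s*=\s*([^;]+)", header, re.I))
    return m.group(1).strip() if m else None

def is_masquerading(name):
    """True when an executable extension follows a decoy one (x.avi.exe)."""
    # Windows drops trailing dots and spaces, so ignore them here as well.
    cleaned = name.strip().rstrip(". ").lower()
    # Stripping each part catches padding such as "x.avi      .exe".
    parts = [p.strip() for p in cleaned.split(".")]
    return len(parts) >= 3 and parts[-1] in EXECUTABLE and parts[-2] in DECOY

def check_header(header):
    """Return (filename, flagged) for one Content-Disposition value."""
    name = filename_from_disposition(header)
    return name, bool(name) and is_masquerading(name)

# Constructed sample headers, not captured from the site in the article.
SAMPLES = [
    'attachment; filename="name.avi.exe"',
    "attachment; filename=holiday.AVI   .EXE",
    "attachment; filename*=UTF-8''clip%20one.mpg.scr",
    'attachment; filename="setup.exe"',
    'attachment; filename="trailer.v2.avi"',
    "inline",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_header(header))
```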





Screenshot 04 - Source: Sophos security analysis
Screenshot 05 - Source: Sophos security analysis
Screenshot 06 - Source: STRATO AG






The website hosted at the domain familie-mueller-koeln.de is likely to be the victim of site hacking. This website is believed to be hosted by a German web hosting provider called STRATO AG (strato.de). (Screenshot 06 shows its index page.)












References:

Sophos security analysis: Mal/EncPk-CZ Malicious Behavior





********** ********** ********** ********** ********** ********** ********** **********

MacHouse is not funded by tax payers' money. We have limited resources. We also need time to sleep and eat just as others. So we will not act as the International police to contact all victims of website abuse. All you have to do is to subscribe to spam messages and spam posts. If we can, why don't you?






