Monday, February 11, 2008

And so it begins.....

The new wave of storm is flowing just in time for Valentines. At the time of this post I've only recieved 3 emails for it and I imagine a lot more to come.

The first with the subject "Phone Love" and a body that simply contained the following:
Love Machine http:// 24.131.212.16/

I of course went to the page to get the newest version and this was the image I found

















Onto the next one I received:
Subject: Valentine Invitation
Body:
Happy Valentine's Day! http:// 200.75.106.166

<---And yet another pretty pic Now for the third:

Subject: Be My Valentine
Body:
Valentine Friends http:// 59.92.53.16/

Ahh another pretty pic, reminds me a elementary school.






The ones thing all of the files have in common is no detection at the time of the post!
Be very careful opening any valentines emails that you receive they could be more trouble than you ever wanted.

http:// 24.131.212.16/ - valentine.exe MD5: d1789d5bbc74bcf4def368f9b9db303e
http:// 200.75.106.166/ - valentine.exe MD5: 8ef7be6c05aca940b1e9cf677d471a41
http:// 59.92.53.16/ - valentine.exe MD5: 74ca598169f8fdee49d04e22c8ac7514

While I was writing this I received another one but it seems to be dead already. Here is the info from it.

Subject: You're Super Sweet
Body:
Love Rose http:// 203.128.211.219/

I've stayed away from the technical details here at least for now. Our friends over at asert.arbornetworks.com have posted some details check it out at:
http://asert.arbornetworks.com/2008/02/new-storm-valentines-day-campaign/

Edit:

Here's some more if the images:


More subject lines and bodies:

Just you: Rockin' Valentine http:// 71.156.93.100/
Rockin' Valentine: My Love http:// 65.34.217.24/
Rockin' Valentine: Powerful Love http:// 58.63.155.16/
My Heart: World Love http:// 76.68.144.52/


Safe surfing!
Uploadmalware.com

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)