Canadian Pharmacy « Webroot Threat Blog

Malicious PHP Scripts on the Rise

February 22, 2011 – 4:34 pm

By Andrew Brandt Last week, I gave a talk at the RSA Security Conference about malicious PHP scripts. For those who can’t attend the conference, I wanted to give you a glimpse into this world to which, until last year, I hadn’t paid much attention. My normal week begins with a quick scan of malware [...]

By mguthrie09 | Posted in Destructive behavior, Enterprises, phishing, social engineering, spam, Stupid malware tricks, Threat Research, Uncategorized, Website owners | Tags: Canadian Pharmacy, ELF, Mal-ELF, Mala Direta, Pbot, Perl, PHP, Python, Remote shell, TRxMS, TRxNC | Comments (3)

Subscription Renewal Spam Points to Drive-by

August 6, 2010 – 1:10 pm

By Andrew Brandt Dear Customers: Please be aware that a crew of Russian malware distributors are circulating a spam message which looks like a subscription renewal confirmation from Best Buy, allegedly for one of our products. The linked text in the message, however, leads to a Web site which performs a drive-by download. Please don’t [...]

By mguthrie09 | Posted in Destructive behavior, Downloaders, Rogue Security Products, social engineering, spam, Stupid malware tricks, Threat Research | Tags: Best Buy, blockoctopus.ru, Canadian Pharmacy, please waiting 4 second..., spruceteam.com, webroot, yummyeyes.ru | Comments (4)

Facebook Spam Leads to Viagra Vendor, Drive-by Download

May 28, 2010 – 10:08 am

By Andrew Brandt Annoying as they are, the spam emails circulating that supposedly come from Facebook don’t merely lead the recipient to one of those so-called Canadian Pharmacy pill-vendor websites. They now come with a bonus: An infection, courtesy of a malicious iframe which attempts a series of exploits against the browser, Adobe Reader, and [...]

By mguthrie09 | Posted in Downloaders, social engineering, social networks, spam, Stupid malware tricks | Tags: Adobe Flash exploit, Adobe Reader exploit, browser exploit, Canadian Pharmacy, Daonol, facebook, Facebook Notify, Facebook Service, malicious iframe, spam, This message was intended for you, Trojan-PWS-Daonol | Comments (1)

Massive Spam Campaign Impersonates Social Networks

February 5, 2010 – 4:25 pm

By Andrew Brandt Spammers are the source of a flood of messages that appear to originate from various social networks, including Facebook and Myspace, as well as popular sites like iTunes. The spam messages usually just contain a link, and possibly a few words. Their subject matter falls into three general categories common to most [...]

By mguthrie09 | Posted in social engineering, social networks, spam | Tags: Canadian Pharmacy, facebook, itunes, myspace, Online Pharmacy, russian brides, Said, sent them to all ur friends, some jerk has posted your pictures, spam, that he is an idiot, Trojan-Backdoor-Zbot, u understand what kind of pictures are there, Zbot | Comments (5)

Follow

Follow “Webroot Threat Blog”

Powered by WordPress.com