Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Mobile Vulnerabilities

  • Zero-Day Alerts

  • Recent Posts

  • Calendar

    September 2015
    S M T W T F S
    « Aug    
  • Email Subscription

  • About Us

    Spam has gone audible, or at least spam generated by yes-they’re-at it-again the Storm network. It has been confirmed that the celebotnet of the moment employs yet another deviously creative gimmick to further its pump-and-dump stock scams. Trend Micro threat analyst David Sancho confirmed that EMEA TrendLabs’ Storm system has been catching a lot of spammed email messages with attachments such as the following:

    • babylaugh.mp3
    • bartsimpson.mp3
    • cassidy.mp3
    • chrisbrown.mp3
    • ringtones.mp3

    Yup, you’ve heard, er, you’ve read it right folks. Spam are now carrying MP3 files. These babies don’t even have Subject and Message Body details. The MP3 files speak for themselves, literally. Transcribed, the attached files usually say the following pitch in a female android voice:

    hallo, this is an invest-tone alert
    hexitone ring incorporated has announced that it’s ready
    to launch it’s new textforcards dot com Web site,
    already a huge success in Canada.
    We are expecting amazing results in the USA
    go read the news and get on EXTO
    that symbol again is EXTO
    thank you

    File size ranges roughly from 50-120KB. This “invest-tone” alert appears to be marketing the stock EXTO of Exit Only, Inc., an Internet company that sells and buy cars via Stock Web sites show that this particular stock, as of 2:12 PM EST, has its price on a slow rise. Tsk, tsk.

    Trend Micro researcher Ivan Macalintal analyzed some of the mail samples and identified the distinctive string “LAME” in the offset:

    0001e8b0h: 55 55 55 4C 41 4D 45 33 2E 39 37 55 55 55 55 55 ; UUULAME3.97UUUUU

    This may be connected to LAME, an open source shareware MP3 encoder/decoder, mainly popular to Unix users.

    There’s just no abating for the Storm network. It has now gone and done a caterwaul of a musical. Yes, we are certainly ‘hearing’ the menace of Storm annoyingly loud and cringingly clear.

    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   StumbleUpon


    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice