Last April, we reported a KULUOZ spam campaign using the South Korean ferry sinking tragedy, one that came hot at the heels of the actual event itself. KULUOZ, as we tackled during that blog entry, is a malware that is distributed by the Asprox botnet. It can download certain strains of FAKEAV and ZACCESS malware…
Read MoreAdvances in spam detection meant that spam operators had to find ways to circumvent new technologies. For instance, Asprox made significant improvements in their spam and module architecture whereas Pushdo made use of decoy network traffic. Recently, we have discovered a new simple method used by a spam botnet we named StealRat. It consists of…
Read MoreWhile spam botnets are well-known for sending out unwanted ads, especially for “rogue” pharmaceutical companies, they are also an integral component of malware distribution. In addition to sending out their own malware so that they can increase the size of their botnet, the miscreants behind these operations also earn revenue by installing additional malware supplied…
Read MoreClever mnemonics aside, last week we have seen another large scale SQL injection attack (or YAMSIA, if you prefer), this time being orchestrated by a botnet that has become known as Asprox—but first, a history lesson. The code behind the Asprox botnet seems to have been around for quite some time now, but it was…
Read More