Cybercriminals offer spam-ready SMTP servers for rent/direct managed purchase


By Dancho Danchev

We continue to observe an increase in underground market propositions for spam-ready bulletproof SMTP servers, with the cybercriminals behind them trying to differentiate their unique value proposition (UVP) in an attempt to attract more customers.

Let’s profile the underground market propositions of what appears to be a novice cybercriminal offering such spam-ready SMTP servers and discuss their potential, as well as the re-emergence of bulletproof SMTP servers as a propagation method of choice.

More details:

Continue reading

Spamvertised CareerBuilder themed emails serving client-side exploits and malware


By Dancho Danchev

End and corporate users, and especially CareerBuilder users, beware!

Cybercriminals are currently spamvertising millions of emails impersonating the popular jobs portal CareerBuilder in an attempt to trick users into  clicking on client-side exploits serving links.

The current campaign, originally circulating in the wild since¬†26 Apr, 2012, is a great example of a lack of QA (quality assurance) since they’re spamvertising a binary that’s largely detected by the security community.

More details:

Continue reading