Thursday, October 18, 2007

You’ve Got MP3 Mail! Be careful!

McAfee Avert Labs has observed a new wave of pump-and-dump spam today that we believe to be originating from the Storm worm botnet. The spammed .mp3 attachments promote a company enjoying huge success in Canada and expecting amazing results in the USA.

These audio files are of very poor quality, and one has to literally strain one’s ears to hear what’s being announced. The spammed .mp3 files have been encoded using “LAME 3.97”, an open-source mp3 encoder. The filenames are pretty dynamic; here’s a list:

Filenames used

In the last year or so we have seen multiple file types being used in spam runs in an attempt to subvert traditional anti-spam detection techniques. From plain text to ASCII art, image spam, DOC, FDF, PDF, RAR, and XLS: thinking out of the box has given stunning results for these creative spammers.
