Response Rate for an IM Malware Attack

Wednesday, April 30, 2008

Response Rate for an IM Malware Attack

Remember the MSN Spamming Bot in action? Consider this screenshot not just as a real-example of IM spamming in action, but also, pay attention to the response rate with the number of messages sent, and response in the form of new malware infected hosts joining an IRC channel. Keeping it Simple Stupid to directly spam the binary locations is still surprisingly working, taking Stormy Wormy's last several campaigns, but with the recent spamming of live exploit URls and malware using Google ads as redirector, for instance :

- google.com/pagead/iclk?sa=l&ai=dhobOez&num=57486&adurl=http://mpharm.hr/video_233.php
- google.com/pagead/iclk?sa=l&ai=YQdWjxe&num=81899&adurl=http://www.1-pltnicka.sk/lib_vid.php
- google.com/pagead/iclk?sa=l&ai=MKRCVFW&adurl=//bestsslscripts.com/goog/online-casino-gambling.html
- google.com/pagead/iclk?sa=l&ai=Hydrocodone&num=001&adurl=http://hydrocodone.7-site.info

the response rate for the campaign can change in a minute. Go through a related post on "Statistics from a Malware Embedded Attack" taking another perspective into consideration.

Dancho Danchev

Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com

Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

Wednesday, April 30, 2008

Response Rate for an IM Malware Attack

No comments:

Post a Comment