Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Support > Warning - pump and dumpers sending out trojan pointers

Reply
Thread Tools

Warning - pump and dumpers sending out trojan pointers

 
 
Tester
Guest
Posts: n/a
 
      08-19-2007
I'm getting greeting card-type spam (pointing to trojans) from the
same IP's where I get wonderful advice about Chinese penny stocks as
PDF attachments with the two spams being sent a few minutes apart.

I assume the machines associated with the IP's that send the spam and
those that host the trojans are infected. (running remote control
servers unbeknownst to their owner.

The victim is told about some "hot" pictures and invited to go to
http://255.254.253.252/ (fake IP given here) which redirects through
javascript/IE/Firefox exploits to
http://255.254.253.252/msdataaccess.exe which is trojan.packed.13.

I assume the pump and dump criminals don't have enough machines in
their botnet and needs yours.

By the way, I was told by abuse at state.or.us, after I received some
pillz spam through their IP space that THEY had had problems with
"greeting card"/"trojan pointer" spam.

 
Reply With Quote
 
 
 
 
Meat Plow
Guest
Posts: n/a
 
      08-19-2007
On Sun, 19 Aug 2007 17:57:58 +0000, Tester wrote:

> I'm getting greeting card-type spam (pointing to trojans) from the
> same IP's where I get wonderful advice about Chinese penny stocks as
> PDF attachments with the two spams being sent a few minutes apart.
>
> I assume the machines associated with the IP's that send the spam and
> those that host the trojans are infected. (running remote control
> servers unbeknownst to their owner.
>
> The victim is told about some "hot" pictures and invited to go to
> http://255.254.253.252/ (fake IP given here) which redirects through
> javascript/IE/Firefox exploits to
> http://255.254.253.252/msdataaccess.exe which is trojan.packed.13.
>
> I assume the pump and dump criminals don't have enough machines in
> their botnet and needs yours.
>
> By the way, I was told by abuse at state.or.us, after I received some
> pillz spam through their IP space that THEY had had problems with
> "greeting card"/"trojan pointer" spam.


I've been getting these for weeks, maybe months. Worked on a laptop that
was infected with this ****. Had a whole slew of connections established
when I did a netstat -an in a dos box.

 
Reply With Quote
 
 
 
 
WhzzKdd
Guest
Posts: n/a
 
      08-19-2007
"Meat Plow" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Sun, 19 Aug 2007 17:57:58 +0000, Tester wrote:
>
>> I'm getting greeting card-type spam (pointing to trojans) from the
>> same IP's where I get wonderful advice about Chinese penny stocks as
>> PDF attachments with the two spams being sent a few minutes apart.
>>

<snip>
>
> I've been getting these for weeks, maybe months.
>

yeah - I wonder what planet Tester has been on...



 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
pointers, pointers, pointers... cerr C Programming 12 04-07-2011 11:17 PM
Re: "Win32:Trojan-gen. {VC}""Win32.trojan-gen.{UPX!}" jamesa01 Computer Support 2 02-27-2006 02:54 PM
"Win32:Trojan-gen. {VC}" "Win32:Trojan-gen. {UPX!}" D@Z Computer Support 5 01-30-2006 07:52 PM
New trojan spam tells you where to download trojan as "MS beta antispy" Joel Rubin Computer Support 2 03-07-2005 02:26 AM
OT for the dumpers Consultant MCSE 4 12-01-2004 02:31 PM



Advertisments