Friday, August 31, 2007 2:15 PM cmosby

McAfee Avert Labs Blog - Nuwar/Zhelatin/Storm took a nap

 


Friday August 31, 2007 at 7:16 am CST
Posted by Dirk Kollberg


While monitoring the Nuwar/Zhelatin/Storm network, I noticed the bot stopped sending out emails on Thursday at 9.45pm UTC.

No more postcards? No more Pump&Dump spam? Or just a bug in my setup?

This morning at 7.00am UTC, still not a single mail. But I saw the bot connecting to the Peer-to-Peer network and transferring data - the same way it used to do the last several days.

I gave MessageLabs a call and they confirmed that the number of intercepted emails containing Nuwar related links had diminished considerably in the past few hours.

So it’s not my goat setup behaving differently than expected.

Time to party? Unfortunately not - at 10.45am UTC, my system sent me an alert. New mails got captured. Well, at least it took a nap for 13 hours.

Watch out for mails offering videos from either:

Snoop Dog, Beyonce, Hurricane Chris, Emenem, Lil Mama, Heuy, Chris Brown, Eagles, T-Pain, Fergie, R. Kelly, Sean Kingston, Kelly Clarkson, Velvet Revolver, Fat Boy, Akon, Rihanna, Foo Fighters.

For example:

[Image: Zhelatin example]

Source: Computer Security Research - McAfee Avert Labs Blog
