What is TrustedSource? | Create Account | Login 
Secure Computing Corporation
 
Home  Threats and Trends  TrustedSource™ Blog
TrustedSource™ Query
Enter IP address, CIDR range, domain name or URL:
Search
 

TrustedSource™ Blog

A new threat from “Angelina Jolie”

July 21st, 2008

Secure Computing’s TrustedSource Research Team has recently detected a new Web-based malware and spam email attack that features news on Angelina Jolie as a bait. Both the Web and email campaign were detected jointly by SecureWeb (Webwasher) and SecureMail (Ironmail) appliances and successfully correlated by TrustedSource.

On average, about 2.28% of the total global daily email volume contains subjects like “Angelina Jolie naked,” “Angelina Jolie nude movie,” and “Angelina Jolie naked video” etc. About 100,000 unique IP addresses have been identified responsible for this spam on the first day of its outbreak.

The spam campaign contains a URL linked to an executable binary, mostly seen as msvideoc.exe hosted at multiple domains. SecureWeb’s proactive scanning engine identifies it as Trojan.Crypt.XPACK.GEN,” and SecureWeb / Secure Web Protection Service users were protected from the beginning.

The spam volume trend figure reported by SecureMail below shows spikes on July 16th and 18th (see graph below). A similar trend has been discovered by SecureWeb that end-user clicks on the URLs across numerous domains linking to this malware have been seen starting on July 16th and peaking on the 18th.

Spam Email screenshot Malware detection by Secure Web Protection Service

Back to TrustedSource™ Blog overview

Secure Computing Corporate Homepage | Contact | Privacy Policy | Disclaimer

Copyright © 2007-2008 Secure Computing Corporation. All Rights Reserved.

ANY INFORMATION PROVIDED BY SECURE COMPUTING ON THIS BLOG ARE OFFERED "AS IS" WITH NO EXPRESS OR IMPLIED WARRANTIES, CLAIMS, PROMISES OR GUARANTEES ABOUT THE ACCURACY, COMPLETENESS, OR ADEQUACY OF THE INFORMATION CONTAINED IN OR LINKED TO AND NO RIGHTS ARE CONFERRED. BY USING THIS BLOG, YOU ASSUME ALL RISK FOR YOUR USE. IN NO EVENT WILL SECURE COMPUTING BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, INCIDENTAL, EXEMPLARY, OR OTHER DAMAGES WHETHER OR NOT SECURE COMPUTING HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH LOSS OR DAMAGE. SECURE COMPUTING HAS NO OBLIGATION TO POST BLOG SUBMISSIONS OR RESPONSES.