Another day, another bot being spammed
New bot (a Brepibot variant) is being actively spammed. What's interesting about it is that it seems to be targeting universities. Also, it seems that the author is constantly producing new variants of the bot. In last couple of hours we received several samples of the bot:
e5f68caf1c546e00fff964d8ac18d37a Photo and Article.exe
69564b5904d8a4e33d58e25ef6edfd39 Transaction and Billing Services.exe.1
a2d9fc4ece5caa109291b25804ef6f3a photo+article.exe
This bot is working the heavily the social engineering side and playing on the emotions of its targets. One targets a person's ego and the other is targeting people for their sympathy/empathy. Here are some of the subjects that we have seen.
Photo and Article
Campus Student Raped
Do you recognise this person?
CCTV still of Rapist
Rape on Campus
Here are a couple of the message bodies:
"Hello,
We are planning to include you in the new campus magazine in an article titled "Campus Life". Can you approve the photo and article for
+us before we go to printing please?
If any details are wrong then we can amend before printing on Wednesday the 1st of February so please get back to us as soon as possible.
+We have attached the photo and article.
Many Thanks & Best Regards,
Joseph Hope
Editor"
"Hello,
During the early morning of January 25 2006, a campus student was the victim of a horrific sexual assault within college grounds.
+Eyewitnesses report a tall black man in grey pants running away from the scene. Campus CCTV has caught this man on camera and are
+looking for ways to identify him. If anyone recognises the attached picture could they inform administraion immediatly
Regards,
Robert Atkins
Campus Administration"
One attachment was an .exe and the other was a zipped attachment containing an .exe
Please let us know if you see any other variants!!
e5f68caf1c546e00fff964d8ac18d37a Photo and Article.exe
69564b5904d8a4e33d58e25ef6edfd39 Transaction and Billing Services.exe.1
a2d9fc4ece5caa109291b25804ef6f3a photo+article.exe
This bot is working the heavily the social engineering side and playing on the emotions of its targets. One targets a person's ego and the other is targeting people for their sympathy/empathy. Here are some of the subjects that we have seen.
Photo and Article
Campus Student Raped
Do you recognise this person?
CCTV still of Rapist
Rape on Campus
Here are a couple of the message bodies:
"Hello,
We are planning to include you in the new campus magazine in an article titled "Campus Life". Can you approve the photo and article for
+us before we go to printing please?
If any details are wrong then we can amend before printing on Wednesday the 1st of February so please get back to us as soon as possible.
+We have attached the photo and article.
Many Thanks & Best Regards,
Joseph Hope
Editor"
"Hello,
During the early morning of January 25 2006, a campus student was the victim of a horrific sexual assault within college grounds.
+Eyewitnesses report a tall black man in grey pants running away from the scene. Campus CCTV has caught this man on camera and are
+looking for ways to identify him. If anyone recognises the attached picture could they inform administraion immediatly
Regards,
Robert Atkins
Campus Administration"
One attachment was an .exe and the other was a zipped attachment containing an .exe
Please let us know if you see any other variants!!
Keywords:
0 comment(s)
×
Diary Archives
Comments