New phishing scam ?? - China Earthquake.
CastleCops
-> Phishing, Fraud and Dastardly Deeds
Author: logicman_alf, Location: UK
Posted: Wed Jun 25, 2008 3:55 am Post subject: New phishing scam ?? - China Earthquake.
found in google search results.
no header info.
email body text:
Terrible earthquake devastated Beijing http://189.58.116.159/
Trace:
189.58.116.159 is from Brazil(BR) in region South and Central America
TraceRoute to 189.58.116.159 [189.58.116.159.adsl.gvt.net.br]
Hop (ms) (ms) (ms) IP Address Host name
1 11 5 5 72.249.0.65 -
2 7 5 5 206.123.64.22 -
3 50 134 103 216.52.189.9 border4.g3-2.colo4dallas-3.ext1.dal.pnap.net
4 7 6 6 216.52.191.38 core1.tge5-1-bbnet1.ext1.dal.pnap.net
5 8 6 11 65.208.15.229 0.ge-0-1-0.gw3.dfw13.alter.net
6 8 7 6 152.63.100.74 0.so-3-3-0.xl3.dfw13.alter.net
7 9 7 7 152.63.102.234 0.so-1-2-0.xt3.dfw9.alter.net
8 8 7 10 152.63.99.2 0.so-6-0-0.br6.dfw9.alter.net
9 12 8 12 64.215.195.45 pos9-2-2488m.ar2.dal2.gblx.net
10 189 188 189 64.214.142.82 -
11 172 168 168 189.59.246.5 gvt-so-4-3-0-rc02.cta.gvt.net.br
12 177 173 166 189.59.254.50 gvt-host.gvt.net.br
13 180 182 174 189.59.252.126 gvt-at-2-1-0.rd01.jve.gvt.net.br
14 Timed out Timed out Timed out -
15 Timed out Timed out Timed out -
Author: pwillener, Location: Japan
Posted: Wed Jun 25, 2008 4:10 am Post subject:
I think it's a malware distribution run; I have received several, but all IP addresses were inaccessible when I tried.
Author: AlphaCentauri,
Posted: Wed Jun 25, 2008 10:17 pm Post subject:
That's the new Nuwar/Zhelatin/whatever spam. They apparently got tired of being the "storm worm" and the "postcard virus," so now they're trying to be the "earthquake trojan." 
CastleCops
-> Phishing, Fraud and Dastardly Deeds
All times are GMT
Page 1 of 1
Powered by phpBB © 2001 phpBB Group