German Language SPAM
The ISC has received several reports German language SPAM being received in large quantities. Analysis by the ISC's Johannes Ulrich shows the content of the samples received to be political in nature, and seem to have been generated by DSL/Cable connected systems, a possible indication that a virus or botnet is being used to propagate the SPAM.
Of note, one of the e-mails contained the phrase "Comment by the author of Sober"
Update: We captured the malware behind this. It is a version of
Sober. Right now, only one virus scanner identifies it as such. The
version we obtained uses the filename 'datacrypt.exe'.
For More Information
For more information on stopping spam and e-mail issues in general, take a look at the 'e-mail issues' section of the SANS Reading Room located at:
Jun 11th 2004
1 decade ago