10-31-2009 01:57 PM
While looking through some recent customer submissions a particular filename caught my attention. It was called “googlewaveinvitegenerator.exe”. Google Wave is a new communication application being developed by Google. Many people who missed the initial sign up for this application are now seeking invites to the service. Certain bad guys have latched onto this and are attempting to take advantage of the situation to push malware. In this case the malware in question is Backdoor.Tidserv. It’s also worth pointing out Google Wave was only selected because of its current popularity. Using a trusted brand like this also increases the chance of success for the attacker. This technique is something we see all of the time.
You can read the rest of this Blog here: Xrumer: The Spammer's Toolkit.
P.S.: My thanks go to Patrick Fitzgerald for taking the time to post this blog, and to the rest of the team for taking the time to post the blogs that you do.