Deconstructing a Pump-and-Dump Spam Trojan - Infected Files

 
 
By eweek  |  Posted 2012-05-28

The names of infected files include the entire path to the file on the user's system. Since a large number of viruses and trojans utilize the user's temporary directory (under C:\Documents and Settings\[USERNAME]\Local Settings\Temp) as a drop point, t

 

SecureWorks researcher Joe Stewart reverse-engineers a SpamThru Trojan and finds evidence of a well-heeled spam operation attempting to manipulate penny stocks. These images show the scammers at work.

 
 
 
 
 
 
 
 
 
 
 
