Deconstructing a Pump-and-Dump Spam Trojan - Infected Files

 
 
By eweek  |  Posted 2012-05-28
 
 
 
 
 
 
 
 

SecureWorks researcher Joe Stewart reverse-engineers a SpamThru Trojan and finds evidence of a well-heeled spam operation attempting to manipulate penny stocks. These images show the scammers at work.

 
 
 

The names of infected files include the entire path to the file on the user's system. Since a large number of viruses and Trojans utilize the user's temporary directory (under C:\Documents and Settings\[USERNAME]\Local Settings\Temp) as a drop point, t
