SANS Institute reported on Monday, June 11 2007, that several well known anti-spam organizations such as Spamhaus, SURBL (Spam URI Realtime Blocklists) and URIBL (Realtime URI Blacklist) have been targeted in attempt to bring them down. For the full story read PC World article.
Less than 2 weeks ago we reported the use of perfectly formatted AT&T Wireless emails that included multiple links to malware infested sites. These have now been followed up with similar emails – but the “carrier” has switched to Verizon Wireless.
The Verizon emails also lead to sites hosting malware – although there are far fewer links in the email – and the same compromised site is used repeatedly in each email (in the AT&T attack, up to 9 different sites were used). The same gang appears to be behind both attacks since the link structure is identical:
The same vulnerabilities are once again exploited via the scripts on the sites.
The fully functional homepage of the compromised site is shown below.