25. Juli 2009 - MG Blog

Wie Die Woche schon hier Berichtet : “Falsche ebay news mit Trojaner im Anhang” geht die Mail Viren floot wohl nun weiter, die mails treffen ein mit dem Betreff : You have received an eCard und genau das wird von z.b. Kaspersky angeprangert :/ecard.zip/ecard.exe

Meinen Mail Server habe ich so eingerichtet das wirklich fast alles durch kommt damit wirklich so wenig mails die Wichtig sind abhanden kommen und filtere erst local hier mit “Spamihilator” ( kann ich nur weiter empfehlen ) .

Hier mal ein kleiner Auszug aus meinen Logs von Gestern und Heute :

24.07.2009 10:06:22 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 10:03:33]/ecard.zip/ecard.exe
24.07.2009 10:06:22 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 10:03:33]/ecard.zip/ecard.exe
24.07.2009 09:50:41 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 09:48:27]/ecard.zip/ecard.exe
24.07.2009 09:50:41 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 09:48:27]/ecard.zip/ecard.exe
24.07.2009 09:50:37 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Craig Lackey sent you a postcard from 1001 Postcards!][Time:2009/07/24 09:48:22]/text/html
24.07.2009 09:24:32 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:37:03]/ecard.zip/ecard.exe
24.07.2009 09:24:32 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:37:03]/ecard.zip/ecard.exe
24.07.2009 09:24:27 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:24]/ecard.zip/ecard.exe
24.07.2009 09:24:27 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:24]/ecard.zip/ecard.exe
24.07.2009 09:24:23 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:16:53]/ecard.zip/ecard.exe
24.07.2009 09:24:23 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:16:53]/ecard.zip/ecard.exe
24.07.2009 09:24:18 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 23:48:28]/ecard.zip/ecard.exe
24.07.2009 09:24:18 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 23:48:28]/ecard.zip/ecard.exe
24.07.2009 09:24:14 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 22:42:02]/ecard.zip/ecard.exe
24.07.2009 09:24:14 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 22:42:02]/ecard.zip/ecard.exe
24.07.2009 09:22:36 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 06:06:58]/ecard.zip/ecard.exe
24.07.2009 09:22:36 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 06:06:58]/ecard.zip/ecard.exe
24.07.2009 09:22:02 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Cleo Hutchinson sent you a postcard from 1001 Postcards!][Time:2009/07/24 04:57:30]/text/html
24.07.2009 09:21:48 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Ervin Lacey sent you a postcard from 1001 Postcards!][Time:2009/07/24 04:35:38]/text/html
24.07.2009 09:21:34 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:56]/ecard.zip/ecard.exe
24.07.2009 09:21:34 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:56]/ecard.zip/ecard.exe
24.07.2009 09:21:33 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:20]/ecard.zip/ecard.exe
24.07.2009 09:21:33 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:20]/ecard.zip/ecard.exe
24.07.2009 09:21:30 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:16:50]/ecard.zip/ecard.exe
24.07.2009 09:21:30 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:16:50]/ecard.zip/ecard.exe
24.07.2009 09:21:09 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 07:59:40]/ecard.zip/ecard.exe
24.07.2009 09:21:09 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 07:59:40]/ecard.zip/ecard.exe
24.07.2009 09:19:49 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Jerrold Roth sent you a postcard from 1001 Postcards!][Time:2009/07/23 23:28:47]/text/html
24.07.2009 09:19:38 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 22:50:45]/ecard.zip/ecard.exe
24.07.2009 09:19:38 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 22:50:45]/ecard.zip/ecard.exe
24.07.2009 09:05:07 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 06:06:58]/ecard.zip/ecard.exe
24.07.2009 09:05:07 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 06:06:58]/ecard.zip/ecard.exe
24.07.2009 09:04:33 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Cleo Hutchinson sent you a postcard from 1001 Postcards!][Time:2009/07/24 04:57:30]/text/html
24.07.2009 09:04:07 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Ervin Lacey sent you a postcard from 1001 Postcards!][Time:2009/07/24 04:35:38]/text/html
24.07.2009 09:03:41 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:56]/ecard.zip/ecard.exe
24.07.2009 09:03:41 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:56]/ecard.zip/ecard.exe
24.07.2009 09:03:40 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:20]/ecard.zip/ecard.exe
24.07.2009 09:03:40 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:36:20]/ecard.zip/ecard.exe
24.07.2009 09:03:37 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:16:50]/ecard.zip/ecard.exe
24.07.2009 09:03:37 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:16:50]/ecard.zip/ecard.exe
24.07.2009 09:02:54 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Helga Rouse sent you a postcard from 1001 Postcards!][Time:2009/07/24 00:52:15]/text/html
24.07.2009 09:02:40 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 23:48:09]/ecard.zip/ecard.exe
24.07.2009 09:02:40 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 23:48:09]/ecard.zip/ecard.exe
24.07.2009 09:01:55 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 22:41:17]/ecard.zip/ecard.exe
24.07.2009 09:01:55 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 22:41:17]/ecard.zip/ecard.exe
24.07.2009 08:59:01 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Claudia Schroeder sent you a postcard from 1001 Postcards!][Time:2009/07/23 20:35:19]/text/html
24.07.2009 08:54:52 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:55:06]/ecard.zip/ecard.exe
24.07.2009 08:54:52 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 03:55:06]/ecard.zip/ecard.exe
24.07.2009 08:54:11 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:06:51]/ecard.zip/ecard.exe
24.07.2009 08:54:11 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 02:06:51]/ecard.zip/ecard.exe
24.07.2009 08:52:20 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Sean Bowers sent you a postcard from 1001 Postcards!][Time:2009/07/24 00:34:10]/text/html
24.07.2009 08:51:53 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 23:30:51]/ecard.zip/ecard.exe
24.07.2009 08:51:53 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/23 23:30:51]/ecard.zip/ecard.exe

Im Moment genau 54 Ergebnisse :8O:

und :

25.07.2009 18:07:42 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Vern Costello sent you a postcard from 1001 Postcards!][Time:2009/07/25 17:59:49]/text/html
25.07.2009 16:37:54 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 16:30:47]/ecard.zip/ecard.exe
25.07.2009 16:37:54 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 16:30:47]/ecard.zip/ecard.exe
25.07.2009 15:27:42 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 15:25:08]/ecard.zip/ecard.exe
25.07.2009 15:27:42 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 15:25:08]/ecard.zip/ecard.exe
25.07.2009 15:07:43 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 15:06:47]/ecard.zip/ecard.exe
25.07.2009 15:07:43 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 15:06:47]/ecard.zip/ecard.exe
25.07.2009 15:07:14 Gelöscht: Trojan-Spy.Win32.Zbot.gen Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 15:01:54]/ecard.zip/ecard.exe
25.07.2009 15:07:14 Gefunden: Trojan-Spy.Win32.Zbot.gen Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 15:01:54]/ecard.zip/ecard.exe
25.07.2009 14:07:12 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 13:57:46]/ecard.zip/ecard.exe
25.07.2009 14:07:12 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 13:57:46]/ecard.zip/ecard.exe
25.07.2009 13:57:42 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Violet Hinson sent you a postcard from 1001 Postcards!][Time:2009/07/25 13:52:28]/text/html
25.07.2009 13:27:12 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Tory Jarrett sent you a postcard from 1001 Postcards!][Time:2009/07/25 13:20:07]/text/html
25.07.2009 12:52:30 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 11:38:11]/ecard.zip/ecard.exe
25.07.2009 12:52:30 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 11:38:11]/ecard.zip/ecard.exe
25.07.2009 08:29:57 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Cecelia Couch sent you a postcard from 1001 Postcards!][Time:2009/07/24 22:43:10]/text/html
25.07.2009 08:28:48 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 05:48:24]/ecard.zip/ecard.exe
25.07.2009 08:28:48 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 05:48:24]/ecard.zip/ecard.exe
25.07.2009 08:28:22 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Shannon Guerrero sent you a postcard from 1001 Postcards!][Time:2009/07/25 04:57:16]/text/html
25.07.2009 08:27:54 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Edna Pearce sent you a postcard from 1001 Postcards!][Time:2009/07/25 04:11:36]/text/html
25.07.2009 08:27:25 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 00:19:25]/ecard.zip/ecard.exe
25.07.2009 08:27:25 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 00:19:25]/ecard.zip/ecard.exe
25.07.2009 08:27:09 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Briana Rodgers sent you a postcard from 1001 Postcards!][Time:2009/07/24 23:38:00]/text/html
25.07.2009 08:26:45 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 21:50:40]/ecard.zip/ecard.exe
25.07.2009 08:26:45 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 21:50:40]/ecard.zip/ecard.exe
25.07.2009 08:26:43 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 21:25:14]/ecard.zip/ecard.exe
25.07.2009 08:26:43 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 21:25:14]/ecard.zip/ecard.exe
25.07.2009 08:21:41 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 05:45:57]/ecard.zip/ecard.exe
25.07.2009 08:21:41 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 05:45:57]/ecard.zip/ecard.exe
25.07.2009 08:20:18 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 03:37:05]/ecard.zip/ecard.exe
25.07.2009 08:20:18 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 03:37:05]/ecard.zip/ecard.exe
25.07.2009 08:19:42 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 01:45:57]/ecard.zip/ecard.exe
25.07.2009 08:19:42 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 01:45:57]/ecard.zip/ecard.exe
25.07.2009 08:19:04 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 00:21:47]/ecard.zip/ecard.exe
25.07.2009 08:19:04 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 00:21:47]/ecard.zip/ecard.exe
25.07.2009 08:18:40 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 00:00:11]/ecard.zip/ecard.exe
25.07.2009 08:18:40 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/25 00:00:11]/ecard.zip/ecard.exe
25.07.2009 08:18:01 Gefunden: Trojan-Spy.HTML.Fraud.gen Spamihilator [From:][Subject:Tina Woodall sent you a postcard from 1001 Postcards!][Time:2009/07/24 23:08:39]/text/html
25.07.2009 08:16:32 Gelöscht: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 21:44:58]/ecard.zip/ecard.exe
25.07.2009 08:16:32 Gefunden: Trojan-Spy.Win32.Zbot.zur Spamihilator [From:][Subject:You have received an eCard][Time:2009/07/24 21:44:58]/ecard.zip/ecard.exe

Eintraege : 40

( der Tag ist ja noch nicht vorbei O_o

Hier ein paar infos zu dem Virus Trojan-Spy.HTML.Fraud.gen

Trojan-Spy.HTML.Fraud.gen

Aliases
Trojan-Spy.HTML.Fraud.gen (Kaspersky Lab) is also known as: Phish-BankFraud.eml (McAfee), Trojan Horse (Symantec), TrojanSpy:HTML/UrlSpoof.E* (RAV), HTML_SWENFRAUD.A (Trend Micro), TR/URLSpoof.P (H+BEDV), HTML/URLspoof.B@expl (FRISK), VBS.Trojan.Inor.Z.Spoofer (SOFTWIN), HTML.Phishing.Bank-31 (ClamAV), Exploit/URLSpoof (Panda)
Detection added Nov 23 2004
Description added Dec 29 2004
Behavior TrojanSpy
Technical details

This family of Trojans utilises spoofing technology. The Trojans themselves are contained in fake HTML pages. Messages, purportedly from banks, financial institutions, internet stores, software companies etc. are sent to users. These messages contain a link to the fake page; this link exploits the Frame Spoof vulnerability in Internet Explorer.

The Frame Spoof vulnerability is present in Internet Explorer v. 5.x and 6.x, and detailed in Microsoft Security Bulletin MS04-004. The bulletin also gives recommendations on how to recognise spoofed sites.

Once a user visits the fake site, and enters account details or personal information, these details will be sent to a malicious remote user, who will then have access to users’ confidential information.

quelle : kaspersky.de
Bin sehr gespannt ob das nun wieder abnimmt wie sonst auch, oder noch mehr wird :motz:

Also, haltet eure Antiviren Signaturen immer aktuell.

Und nur so am Rande auch die spam eintraege im Blog steigen momentan mal wieder sehr an, muss an den Sommer gefuehlen liegen oder ? :rose:

MG Blog

Archiv für den Tag: 25. Juli 2009

Viren-Mail-floot-geht-weiter-(Trojan-Spy.Win32.Zbot.zur-und-Trojan-Spy.HTML.Fraud.gen)

Beiträge die Sie auch interessieren Könnten:

Rund um CRATR.games und arcadewelten.eu Produkte