Seems this morning has ushered in a slew of spam and possibly malicious PDF and DAT emails coming in. I take it this is pretty new this morning since neither Postini nor McAfee have any blockings yet, and I’m hoping they are just spam and not something more sinister. We’re watching our inbound mail and have actually blocked all mail with attachments until we learn more. Days like this make me wish I didn’t have tons of projects and things to do and more time for incident response. 🙂
2 thoughts on “large number of pdf and dat file mail spam”
The latest pump-and-dump stock spam might be sourced from the strmworm botnet (misspelled intentionally). It’s also been behind some pretty nasty DDoS attacks against researchers who’ve been investigating it, or writing up reports about it. Nasty stuff. If you do some investigation, tread lightly.
Yeah, so far it just appears to be spam with no other payload, which I’m not too worried about. 🙂
http://isc.sans.org/diary.php?storyid=3137