Trojans -- Internet Scams

[ Show ]

Support VoyForums

[ Shrink ]

VoyForums Announcement: Programming and providing support for this service has been a labor of love since 1997. We are one of the few services online who values our users' privacy, and have never sold your information. We have even fought hard to defend your privacy in legal cases; however, we've done it with almost no financial support -- paying out of pocket to continue providing the service. Due to the issues imposed on us by advertisers, we also stopped hosting most ads on the forums many years ago. We hope you appreciate our efforts.

Show your support by donating any amount. (Note: We are still technically a for-profit company, so your contribution is not tax-deductible.) PayPal Acct: Feedback:

Donate to VoyForums (PayPal):

[ Login ] [ Contact Forum Admin ] [ Main index ] [ Post a new message ] [ Search | Check update time | Archives: 1, 2, 3, [4] ]

[ Next Thread | Previous Thread | Next Message | Previous Message ]

Date Posted: 21:10:24 01/19/04 Mon
Author: Repost
Subject: Trojans

I just got the following email, it says it is from the
Chief of Internet Security for Kazaa Gold.

Yeah, I buy that.
WTF is kazaa gold anyway?

I would guess this is another trojan dropper.
Does someone have the ability to analyze this?

Link in spam
rel=nofollow target=_blank href="http://www.enigmasoftwaregroup.com/affiliate/link.php?ref=225&productid=4%27">
which when clicked sets cookies and fetches a program

Fetching
http://www.enigmasoftwaregroup.com/affiliate/link.php?ref=225&productid=4%27
...
GET /affiliate/link.php?ref=225&productid=4%27 HTTP/1.1

Host: www.enigmasoftwaregroup.com
Connection: close

HTTP/1.1 302 Found
Date: Tue, 20 Jan 2004 02:45:48 GMT
Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_ssl/2.8.12
OpenSSL/0.9.6b DAV/1.0.3 PHP/4.1.2 mod_perl/1.26
X-Powered-By: PHP/4.1.2
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: AffiliateSystem=isset; expires=Mon, 19-Apr-04 02:45:48 GMT
Set-Cookie: AffiliateSystemAffiliateID=225; expires=Mon, 19-Apr-04
02:45:48 GMT
Set-Cookie: AffiliateSystemProductID=4; expires=Mon, 19-Apr-04
02:45:48 GMT
Location:
http://www.enigmasoftwaregroup.com/Spyhunter_download/spyhunterS.exe
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html

Do we know Alex Russo?

Domain Name: ENIGMASOFTWAREGROUP.COM
Administrative Contact:
Russo, Alex enigma013@india.com
213-17 39th Avenue Suite 255
New York, NY 11361
US
718-504-3648

X-Persona: < >
Return-Path:
X-Flags: 0000
Delivered-To: GMX delivery to
Received: (qmail 1178 invoked by uid 65534); 19 Jan 2004 21:55:51
-0000
Received: from unknown (HELO kazaa-kazaa.com) (207.8.203.45)
by mx0.gmx.net (mx019-rz3) with SMTP; 19 Jan 2004 22:55:51 +0100
Received: (qmail 35934 invoked by uid 1003); 19 Jan 2004 21:55:37
-0000
Date: 19 Jan 2004 21:55:37 -0000
Message-ID: <20040119215537.35933.qmail@kazaa-kazaa.com>
From: "Sonia Thompson"
To: "K�Bler" <>
X-Mailer: realestate-infomail3.com
X-Complaints-To: abuse@GetResponse.com
X-Responder-ID: 1164
X-Remove-Address: <>
X-Response-ID: kazaagold.FOLLOW.0.3-1572788
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Subject: (no subject)
X-GMX-Antivirus: -1 (not scanned, may not use virus scanner)
X-GMX-Antispam: 0 (Mail was not recognized as spam)

My name is Don Warner Chief of Internet Security for Kazaa
Gold. If you are reading this message your computer is vulnerable to
and probably already contains parasites known as spyware.

Spyware puts your computer and privacy in jeopardy by sharing your
personal information over the internet and the following...

- slow down your internet connection
- blast you with pop-up ads
- increase the amount of SPAM you receive

As you know Kazaa Gold is one of the few way you can download free
music without getting infected with spyware. It's imparitive for us at
Kazaa Gold to put an end to spyware so we've teamed up with another
company to offer you a free download that will scan your computer for
spyware and show you how to get rid of it for good.

Here is the link: http://www.kazaagold.com/spywarescanner.htm

Thank you

Sincerely,
Don Warner
Chief of Internet Security Kazaa Gold

http://www.kazaagold.com/spywarescanner.htm

[ Next Thread | Previous Thread | Next Message | Previous Message ]

[ Contact Forum Admin ]

Forum timezone: GMT-8
VF Version: 3.00b, ConfDB:
Before posting please read our privacy policy.
VoyForums^(tm) is a Free Service from Voyager Info-Systems.
Copyright © 1998-2019 Voyager Info-Systems. All Rights Reserved.