Author Topic: Scareware, Spam Follow DDoS Attacks On Twitter, Facebook  (Read 1736 times)


  • SCF Administrator

Spam and scareware are running rampant following distributed denial-of-service attacks on Twitter, Facebook and other sites that allegedly were intended to silence a pro-Georgian blogger named Cyxymu.

SophosLabs researchers said in a blog post that they've noticed a wave of spam, as well as a sharp rise in scareware -- phony security software that either forces or coerces users to download the application to their computer. The messages reference Cyxymu, who researchers later discovered to be the intended target of the massive DDoS attack that affected micro-blogging site Twitter, as well as Facebook, LiveJournal and other social media sites.

Numerous spam messages contained Cyxymu's name and links to his blog, while the body of the spam message appears to be a letter sent from Cyxymu, apologizing for the DDoS attacks Thursday.

The DDoS attack knocked Twitter off-line for several hours, rendering its 45 million users without service, while Facebook, LiveJournal and several other social media sites suffered a significant slowdown and longer load times.

Since then, researchers discovered that the massive DDoS attack was targeted at Cyxymu, who told The Guardian his real name was Georgy, a 34-year-old economics lecturer from Tbilisi, the Georgian capital. Attack packets were found to request pages hosted by Cyxymu, who had recently blogged about the one-year anniversary of Russia's invasion of Georgia.

While Twitter was back up and running Thursday afternoon, the site experienced connectivity problems and a significant slowdown throughout the weekend.

In reality, security researchers say that the spam campaigns and scareware promoting bogus security software are likely to be cybercriminals taking advantage of the Web traffic surrounding the Twitter attacks in an effort to further discredit and create hardship for the pro-Georgian blogger, as well as solicit victims for money and distribute malware.

"My guess is that these e-mails aren't really being sent by Cyxymu, but are an attempt by troublemakers to bring his name, and various Web pages into disrepute," said Graham Cluley, senior technology consultant for Sophos, in the blog post.

Researchers at McAfee also noted that the spammers spoofed the e-mail address of Cyxymu as the originator of the spam, which likely flooded the blogger's inbox with copious out-of-office notifications and other automatic messages. "This was likely part of an intimidation campaign designed to send a message to Cyxymu about who was the real intended target of the DDoS," said McAfee researcher Dmitri Alperovitch in a blog post.

Alperovitch noted that the spam also contained links to the blogger's sites, possibly with the goal of clogging the servers with a wave of traffic that could result in a system crash. On analysis, the spam campaigns appeared to be distributed by the same botnet that was used for the Twitter DDoS attacks, which churned out spam from Brazil, Turkey and India, Alperovitch said.

