Spam

A deluge of spam advertising acai berry diets is leaving a bitter taste in the mouths of Twitter users this morning while being linked to a devastating hacker attack yesterday on Gawker Media that compromised account information belonging to hundreds of thousands of readers.

Among the Gawker sites affected are Lifehacker, Gizmodo, Gawker, Jezebel, io9, Jalopnik, Kotaku, Deadspin and Fleshbot. Anyone who has registered at those sites is being urged to change their password, and, if using the same login info elsewhere, change that as well.

It might come as no surprise that online complaints by concerned Malaysians about the Ministry of Defence's National Service (NS) programme have fallen on deaf ears. What might come as a surprise is to find your mailbox flooded with spam instead.

A "serious" exploit that allowed spam to be sent to Gmail users without them knowing about it has been shut down.

Google claimed it was quick to counter the exploit, which caused spam to be sent to logged-in Gmail users when they visited specially-crafted websites. “We quickly fixed the issue in the Google Apps Script API that could have allowed for emails to be sent to Gmail users without their permission if they visited a specially designed website while signed into their account,” Google explained in a statement.

Managed email provider MessageLabs has blamed a security breach on one of its customer's networks for a bout of spam detected from its IP address range. The incident saw the vendor - which incidentally is paid to protect customers from inbound spam - included in block lists by other anti-spam services.

As reported previously by Infosecurity, the Anti-Phishing Working Group reported back in May that the Avalanche Group were responsible for two third of all detected phishing attacks in Q3 and Q4 of 2009.

In its analysis of the trend, meanwhile, Imperva says that the attack vectors used by the Avalanche botnet gang – who have taken two years to migrate to the new fraud architecture – indicate that criminal hackers are now using lateral thinking to develop their fraudulent modus operandi.

You may not have noticed but the world supply of Viagra ads and other email spam has dropped by an estimated one-fifth since last month. On Tuesday, Moscow police officials announced a criminal investigation of a suspected spam kingpin, Igor Gusev, who is believed to have fled the country.

In a rare bit of good news on efforts to reduce the relentless volume of junk e-mail, Spamit has closed its doors, dramatically decreasing global spam volumes, wrote a Cisco researcher in a security blog.

"We don’t often hear about spam getting better," said Henry Stern in a phone call to eWeek, "A spammer shut down voluntarily. They decided they were done."

A large number of The Pirate Bay users have received an email, allegedly from the site’s operators, inviting them to join the private BitTorrent tracker DemUnoid. The Pirate Bay team has distanced itself from the senders, but it remains a mystery how the spammers gained access to the site’s user database.

Two months ago a group of Argentinian hackers successfully gained access to The Pirate Bay’s admin panel through a security breach. At the time, the hackers stated that they didn’t want to exploit the vulnerability, and merely wanted to show that the system was vulnerable.

Traditional Web hackers are increasingly landing their services to spammers by allowing them to run advanced mass mailing tools from the compromised servers.

Such a specialized Web-based application was located by security researchers from antivirus vendor Kaspersky Lab on hacked servers in Brazil, a country where spam and phishing are amongst the top cybercriminal activities.

A botnet responsible for a significant amount of spam has been crippled but may reconstitute itself in a matter of weeks, according to vendor M86 Security.

The Pushdo or Cutwail network of hacked computers ranked in the top five or so botnets for spam, responsible for as much as 10 percent of all spam, said Ed Rowley, product manager for M86 Security. The spam often advertises fake software, so-called designer goods and questionable pharmaceutical products.