New Moon, New Spam

Spammers often ride on blockbuster movies to proliferate their malicious deeds. Just recently, Trend Micro researchers received spammed messages that piggybacked on the sequel of the Twilight movie, New Moon.
No suprises there as the said movie earned US$274.2 million on its opening weekend and continues to climb the movie charts. In fact, just days before New Moon’s premiere,Trend Micro has already reported about New Moon-related poisoned search results that led to rogue antivirus software or other type of badware.

The spammed email message has the subject “Filme 2009, Film Noi, Filme Gratis” and has a URL that points to a commercial spam site. The email body is written in Romanian, which suggests that this is a targeted attack. However, our researchers rather believe that this spam is more of a trial for advertising a new file-sharing portal.

The links in the spammed emails open a Romanian file-sharing portal (a DC++ hub), which indeed offers further links for downloading movie files. DC++  is an open source tool, which allows users to share files and to chat over the Internet with other users. The DC++ tool and related hubs are highly popular in Romania. FAQ sites describe DC++ hubs as:
A hub is a kind of (continue reading...)