[Malware] The Phishing Storm of 2008

Caution: the following post contains explicit malware content, be careful!

As at every end of year, the Web registers a significant increase in malware attacks on various fronts, in particular website phishing frauds, file infection and new rootkits.

This information can be verified by consulting http://www.antiphishing.org/

Obviously, 90% of frauds come from fake websites themed around the current holidays, such as Christmas gifts and online e-card / postcard services. In the last few days, for example, I've found two phishing e-card websites:



Let's look up the first website:


Domain name:             UHAVEPOSTCARD.COM
Name Server:             ns.uhavepostcard.com
Name Server:             ns10.uhavepostcard.com
Name Server:             ns11.uhavepostcard.com
Name Server:             ns12.uhavepostcard.com
Name Server:             ns13.uhavepostcard.com
Name Server:             ns2.uhavepostcard.com
Name Server:             ns3.uhavepostcard.com
Name Server:             ns4.uhavepostcard.com
Name Server:             ns5.uhavepostcard.com
Name Server:             ns6.uhavepostcard.com
Name Server:             ns7.uhavepostcard.com
Name Server:             ns8.uhavepostcard.com
Name Server:             ns9.uhavepostcard.com
Creation Date:           2007.12.23
Updated Date:            2007.12.24
Expiration Date:         2008.12.23

Domain name:             FAMILYPOSTCARDS2008.COM
Name Server:             ns.familypostcards2008.com
Name Server:             ns10.familypostcards2008.com
Name Server:             ns11.familypostcards2008.com
Name Server:             ns12.familypostcards2008.com
Name Server:             ns13.familypostcards2008.com
Name Server:             ns2.familypostcards2008.com
Name Server:             ns3.familypostcards2008.com
Name Server:             ns4.familypostcards2008.com
Name Server:             ns5.familypostcards2008.com
Name Server:             ns6.familypostcards2008.com
Name Server:             ns7.familypostcards2008.com
Name Server:             ns8.familypostcards2008.com
Name Server:             ns9.familypostcards2008.com
Creation Date:           2007.12.29
Updated Date:            2007.12.29
Expiration Date:         2008.12.29


It's truly curious that these domains come from Los Angeles and were created only for these holidays 🙂
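The pattern in the records above (registration a few days before the holiday, a one-year term, and name servers that are all hosts under the domain itself) can be checked mechanically. The following is an added example, not part of the original post: the sample is abbreviated from the records quoted above, and the observation date and thresholds are assumptions.

```python
from datetime import date

# Constructed sample: abbreviated from the two records quoted in the post
# (name-server lists shortened to two entries per domain).
SAMPLE = """\
Domain name:             UHAVEPOSTCARD.COM
Name Server:             ns.uhavepostcard.com
Name Server:             ns10.uhavepostcard.com
Creation Date:           2007.12.23
Updated Date:            2007.12.24
Expiration Date:         2008.12.23
Domain name:             FAMILYPOSTCARDS2008.COM
Name Server:             ns.familypostcards2008.com
Name Server:             ns10.familypostcards2008.com
Creation Date:           2007.12.29
Updated Date:            2007.12.29
Expiration Date:         2008.12.29
"""

def parse_records(text):
    """Split run-together WHOIS output into one dict per 'Domain name:' line."""
    records = []
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if not sep or not value:
            continue
        if key == "domain name":
            records.append({"domain": value.lower(), "ns": []})
        elif records and key == "name server":
            records[-1]["ns"].append(value.lower())
        elif records and key.endswith(" date"):
            y, m, d = map(int, value.split("."))  # dates are YYYY.MM.DD
            records[-1][key.split()[0]] = date(y, m, d)
    return records

def triage(rec, seen_on, max_age_days=30):
    """Return reasons a record deserves a closer look (thresholds are assumptions)."""
    reasons = []
    age = (seen_on - rec["creation"]).days
    if 0 <= age <= max_age_days:
        reasons.append(f"registered {age} days before it was seen")
    if rec["ns"] and all(n.endswith("." + rec["domain"]) for n in rec["ns"]):
        reasons.append("every name server is a host under the domain itself")
    if (rec["expiration"] - rec["creation"]).days <= 366:
        reasons.append("registered for one year only")
    return reasons
```

Calling `triage(rec, date(2008, 1, 2))` on each parsed record (the date is an assumed observation date) returns all three reasons for both domains.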

The malware being spread is always the same, but in different forms:

  • happy_2008.exe
  • Happy2008.exe
  • stripshow.exe
  • happynewyear2008.exe

So pay attention to these postcard sites. 😉


