Stock Spam

Tuesday, June 17. 2008
Pump and dump schemes for penny stocks based on spam mails were quite common in the years 2006 and 2007. Nowadays, however, it seems like these schemes are over and I receive such mails only very seldom. One recent example of such a scam mail is:
Now see for yourself.

Corporation: Angstrom Microsystems
Symbol OTCBB: agms
Suggested: Buy/hold
Monday close : .400
Shares traded: 331,485

Excellent release last week and investors are noticing and volume is up.

This is the beginning of great things, sales are up and deployment is increasing Angstrom Microsystems will blow you away.

Move before it's too late, obtain this stock NOW.

Please note that I modified the mail text to increase readability.
Such schemes work in practice and spam mails can actually influence the stock market as we showed in a study. This works since the quote of a penny stock can be influenced with a relative low number of trades.

Recently Sophos blogged about a spam campaign in which the mails contained a text about the downtime of Amazon. They theorized that these spam mails are used for shorting the Amazon stock for Short and Distort scams. I doubt that this is true - especially given the fact that more than five million Amazon stocks are traded per day...


Continue reading "Stock Spam"

Posted by Thorsten Holz in general at 19:16 | Comments (3) | Trackbacks (0)

Mail Problems

Thursday, June 5. 2008
The mail server of our university is down since more than two days (sic!). I'm wondering how many mails I have lost up to now and what kind of interesting information did not reach me... If you want to reach me, please use the Gmail account. On the other hand: no distracting e-mails and lots of time to write papers. The ACSAC deadline is next Sunday, presumably I have a paper ready until then :)
Posted by Thorsten Holz in general at 20:59 | Comments (0) | Trackbacks (0)

Storm Worm Presentation

Thursday, May 29. 2008
Two days ago I gave a presentation at IT-Sicherheits-Forum, a German conference on IT security, on Storm Worm. The presentation is now available. It provides an overview of Storm Worm and highlights various aspects of the botnet. The presentation is an extended version of our LEET'08 paper on the same topic.

Storm is still an interesting botnet. However, the botnet is getting smaller and smaller - nowadays there are typically less than ten thousand machines online during a typical day. Seems like the good ol' days of Storm are over...
Posted by Thorsten Holz in general, malware at 14:20 | Comments (0) | Trackbacks (0)

Call for Paper: EC2ND'08

Wednesday, May 14. 2008
The CFP for the fourth annual European Conference on Computer Network Defense (EC2ND'08) is up online at http://2008.ec2nd.org/.

The conference will take place on December 11th & 12th 2008 in the Faculty of Engineering and Computing at Dublin City University. The theme of the conference is the protection of computer networks. As with past EC2ND conferences, this year's event will encourage participants from academia and industry within Europe and beyond to discuss current topics in applied network and systems security.

EC2ND 2008 invites submissions presenting novel ideas at an early stage with the intention to act as a discussion forum and feedback channel for promising, innovative security research. While our goal is to solicit ideas that are not completely worked out, and might have challenging and interesting open questions, we expect submissions to be supported by some evidence of feasibility or preliminary quantitative results.

Important Dates:
Paper Submission Deadline: September 1st, 2008
Notification of Acceptance: September 18th, 2008
Final Paper Due: October 1st, 2008
Conference Dates: December 11th & 12th, 2008

You can find more information at http://2008.ec2nd.org/.
Posted by Thorsten Holz in general at 16:53 | Comments (0) | Trackbacks (0)

WOMBAT / FORWARD

Friday, April 25. 2008
In the last few days, the first workshops for two projects funded by the European Union took place: WOMBAT and FORWARD.

Project description WOMBAT:
The WOMBAT project aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, the proposal includes three key workpackages: (i) real time gathering of a diverse set of security related raw data, (ii) enrichment of this input by means of various analysis techniques, and (iii) root cause identification and understanding of the phenomena under scrutiny. The acquired knowledge will be shared with all interested security actors (ISPs, CERTs, security vendors, etc.), enabling them to make sound security investment decisions and to focus on the most dangerous activities first. Special care will also be devoted to impact the level of confidence of the European citizens in the net economy by leveraging security awareness in Europe thanks to the gained expertise.


Project description FORWARD:
The FORWARD initiative aims at identifying, networking, and coordinating the multiple research efforts that are underway in the area of Cyber-threats defenses, and leveraging these efforts with other activities to build secure and trusted ICT systems and infrastructures.


The initial workshops were quite interesting, let's see how both projects evolve :-)
The websites of both WOMBAT and FORWARD contain more information about the actual project, including more information about the participants and the initial workshops.
Posted by Thorsten Holz in general at 14:07 | Comments (0) | Trackbacks (0)
« previous page   (Page 2 of 3, totaling 14 entries) » next page