The Internet threat alert status is currently normal. At present, no major epidemics or other serious incidents have been recorded by Kaspersky Lab’s monitoring service. Internet threat level: 1

Hot Fail On SexBoosters

Kaspersky Lab Expert
Posted July 08, 14:27  GMT
Tags: Website Hacks, Content Filtering, Spammer techniques

Over the last couple of days we've been noticing a few pharmacy spam mails which are a bit different. Somebody seems to have replaced the original graphical content with an alert highlighting that such messages are malicious.

So far we have counted three (ab)used image hosting services for this spam:

  1. imageshack.us
  2. imgur.com
  3. myimg.de

A quick analysis of these showed that #1 currently serves all the replaced images, #2 serves all original spammers images and #3 seems to have removed the offensive content immediately, good work!

At the moment, we don't have any further information about the source/background of the warning replacements - this gives us plenty of opportunity to use our imaginations when thinking about what's actually going on. A few of the key words and concepts we're considering are: white hats, rival spammers, compromised hosting service(s). Not an exhaustive list, but more of a launch pad for further theories and research!


Newest first
Threaded view


2010 Jul 09, 00:40


I also have some assumptions, technicaly is detailed analyzed. Take a look at the pictures itselfs and used font. I am also not ekspert but one can see that the person or group who sent this, has knowledge to find on net appropriate symbols, and he knows schema of forgery. He knows that pills are fake and could damage ones health. And that the money will be stollen. etc. He uses word scam not spam.
That was my attempt of profiling the hacker behind this spam.

Edited by fp, 2010 Sep 09, 00:48



2010 Jul 09, 18:13

Re: Motivation?

Hello Filip,

Yes, you raised some interesting points. Thanks much for your input!



2010 Sep 03, 11:32

Re: Re: Motivation?

Regarding a different psyhological profiles of people I think this is just another kind of spam. Like majority of spam exploits human graspingness, this spam I presume, is intentionaly designed to exploit human despite (contumacy). This attribute is highly demonstrated at some very young children. But like nigerian scheme is still working unfortunatelly there is a great potentional for such exploits.

Edited by fp, 2010 Sep 03, 11:57

If you would like to comment on this article you must first

Bookmark and Share