All Things Techie With Huge, Unstructured, Intuitive Leaps

Belarus Spam in Yahoo mailbox that's kind of weird


With the widespread security breaches at Yahoo mail, weird things were happening.  I would get Yahoo mail in my inbox but I couldn't open it.  The twitterverse was alive with people with  the same problem.  After those problems were fixed, I started getting weird spam originating out of Russia and it old satellite states -- namely Belarus.  Notice the .by domain name for Belarus.  (Incidentally Belarus translates into English as White Russia.  Apparently there is White Russians and Black Russians -- darker skinned versions that have nothing to do with Africa).

The weirdness of the above spam (other than the fact that there were no links to click), was that there was tiny hidden text in the above spam.  When I selected and copied the text into notepad, this is what actually appeared:

Teenage Mrs. Bruna Rzasa and her intimate adventures
Spam
x


Bruna Rzasa djouiafa@mgts.by
8:24 AM (33 minutes ago)

to me 

Why is this message in Spam? It's similar to messages that were detected by our spam filters.  Learn more
_________________________________________ Hearing the questions about to stay. Replied shirley as though she wondered vera 
¸²®Greetings, white manΩ³sweet !!ÃÕ­It's me,æ¹íBruna !!Sorry dave in without the kitchen table. Clark smile at his own thoughts that. 
ÊߨNeed to try it going. Begged charlie waited for them 

ª·ôI£ùÔ ©ÀÐfèäçoî¿õuÓå¬n¬£³d¤Çõ áÔµyÔíÛoÅ´­u®Ê·r³ß½ ÖÁ°pß׳r¨º­o¦­²fÊâàiìèàlÉúÙeçÆã Æî´vÚâªi³Á¢aËÿÒ Óå¼fËö®a¾¹Ýc¢ååe£©±bÝŶoììËoõãôkù×ç.È¡º ¹ì×I¿ëÚ ÂÍðwçÑØaÓüÌsþÁ³ ×ûÓeÏÈÉxä׫cÚø¨iØÀçt³ôªeÅ«êd¹ø¶!¼´ÿ ÜÉËYõìÝoéÇÐuÁÚ¤'Ûí»ràÀáe¸¹Þ ­ô¥c÷ñ¼uäöÇtÞ²Æe×Ú½!Struggling to keep from under the door. Melvin will do anything like. 


½ÐøIíúû ©æÓwÏêëa»²én»á­tÂãü éò½tþ¥ºo¿§Û é¥ÝsÖÕØhìà§aºô¶rõ¯¦eº® Ï¢òså¤Ìo£ÜÀmëþ³e±Ñþ ìâh·ßýoØýÂt·«¹ ¼íøp±³òh³Ó¥oÏãït£Ô¿o°Å©sªÖå î¢èwóª¹i®¾´tƯÓhëߥ èàÂy÷âýo¿ó¶uÂéæ,¿ã¯ ÕòÄbææa¢à®bìÛàe»ì·!Unable to thank you happy adam. Suddenly realized she did as her adam. 

«ÏÙGëÔóoõ¡¬tóÞª øÏÂb­îÑiÊôÙgªü­ ®¨ÅbÿÐÚo»¦ÉoÚ·ôb¼ÊÌsþÀÛ,ÓÚÙ äÁùaÎÊ¢n°¹ÁdÌÂ× ð¹óa¶Ì¸ þÑ®bæ±Ëió¢ÛgÔÙç µÓßbÛüµuèüèt¯ý¬tÑØÈ...Ìá® ÈÇ¿aäïÇnééödß¨ç ­¯¢kòýÀnìÛÞo̳ßwÖäï ¯ü¨h¿¶ÙoÕóÑw£¹¨ ¼ìÈtâûåoç´¶ ¨©²uøáÇsÊû·e£é¤ ÆïÈtÐå÷hÚõüe¿Ùÿm´Ý­ ¡¢£:»È¬)Confessed adam kissed his arms around here. 

ºâèMike smiled at last night 

¥èÍInstructed adam rubbed his shoulder 


ÕåÁC¡Åðl«ü£iÙàöc©Ä«kâßü »þ½b±­âeÊÕ³lªëäl¡¹ÐoÐâÁwÛÚÀ êý£tþ³©oÙÄî ÜâÖvÓؾi°ëìeÖÈËw­®¸ ÏÔ¤m¼ÿ¿yÑðø ÞóÉ(óÏô27ÃýÞ)©Ê¼ ò²ñpãÒ½r®øöiÔÏävð§aÕ¦ãtðÙ£eîïÕ Ì¥ªp¾º§hì¼üoûÚÏt¿êëoõÅès°ª¬:According to get me take it adam. Just then you over at the second. 
What you love him on chuck. Careful not one hand in our baby.
Vera exclaimed in several days and wally.
Nodded to stop and found herself that.DWGCBruna's p i c snlChuckled adam replie

I am thinking that some amateur spammer tried to embed binary executable code into the message and it didn't work.  Several hours later, more Russian spam showed up in my Yahoo inbox, and it was the more conventional variety:

Mrs. Irene Ohms LIKED YOU and left a new MESSAGE for you
Irene-Ohms

Hello, chief sweetheart. This is Irene ...
I found your profile via facebook .
I was delighted. You're pretty!
I want to show some hot pics to you, sweeting.
Your YAHOO mailservice sucks :) So Click on the link bellow and then click OK button again lol

I wish to meet you soon! Bye-bye sweeting ))


Juliet Friemering

Salut sweet.. It's me Juliet!
I found your profile via linkedin . I was amazed!
You're handsome!
I want to have a hot talk with you, sweetheart !
Your YAHOO mailservice sucks btw! So Click on the link bellow and then click OK button again !

I wish to meet you soon! Bye-bye darling !

The ironic bit again, is that they mention Yahoo in the message and I believe that they have compromised some part of Yahoo. The clickable domains were all Russian.

To Yahoo's credit, the spam filters picked it up, but I think that they have a tough row to hoe with quality and security issues. No comments:

Post a Comment