E-mail Scam Attacks Taiwanese Bank via Adobe Flaw
Symantec, an online security company, has warned that an online scam is distributing e-mails in Taiwan so that recipients may be duped to download malware from the Net. The attack reportedly compromises computers that do not have the latest patch for Adobe software.
A posting on Symantec's blog on August 6, 2009 states that the scam e-mail pretends as a message from a Taiwanese bank promoting a credit card scheme while its content deliberately shows a void, making recipients think that it was not loaded properly.
The e-mails contain a link to a .swf worm and direct recipients to follow the link if the images were not clearly visible. However, when the link is clicked on, a web-page appears with malicious code that in turn redirects users to another site. While that happens, the code tries to plant a file named sploit.swf on systems without the latest patch for the Adobe programs. Additionally, attackers who are able to exploit successfully may compromise the affected system completely.
Security researchers at Symantec state that the attack works out to be a domain or dictionary attack, adding that Symantec has identified the 'blog.html' web-link within the malicious e-mail as Trojan.Malscript!html.
Meanwhile, a notification regarding the issue has been issued to the bank, a Symantec spokesperson revealed.
A patch to fix the Adobe flaw was made available in the end week of July 2009. The flaw reportedly affects Windows, Linux and Mac OS X systems with Flash Player 10.x and 9.x, and Windows, Unix and Macintosh with Adobe Acrobat and Adobe Reader 9.x.
Furthermore, Adobe has admitted that there are reports which talk about hackers exploiting the flaw via targeted and limited assaults against Adobe Reader ver.9 running on Windows.
Thus, to stay protected from the malware attacks, the security specialists recommended that computer users deploy the newly issued update Adobe Flash Player 10.0.32.18 and 22.214.171.124. This update patches Adobe Acrobat and Reader, Adobe Flash Player and Adobe AIR as it addresses a security flaw resulting from memory corruption that could allow attackers to execute a malicious code.
Related article: E-Crime Reporting Format To Be Launched in July
» SPAMfighter News - 25-08-2009